Page MenuHomeFreeBSD

Correct bitwise test in mac_bsdextended ugidfw_rule_valid()
ClosedPublic

Authored by emaste on Apr 6 2017, 7:15 PM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 22 2024, 10:24 PM
Unknown Object (File)
Jan 13 2024, 9:59 PM
Unknown Object (File)
Dec 24 2023, 11:52 AM
Unknown Object (File)
Oct 31 2023, 12:28 PM
Unknown Object (File)
Sep 18 2023, 11:16 AM
Unknown Object (File)
Sep 7 2023, 1:13 PM
Unknown Object (File)
Aug 22 2023, 5:35 PM
Unknown Object (File)
Aug 10 2023, 10:21 PM
Subscribers

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

For reference this is also CID 1008934.

sys/security/mac_bsdextended/mac_bsdextended.c
128 ↗(On Diff #27149)

Shouldn't this be mbo_flags instead of mbo_neg ?

Also, stylish test would be () != 0.

sys/security/mac_bsdextended/mac_bsdextended.c
128 ↗(On Diff #27149)

For reference this was introduced in rS157986, which introduced this non-stylistic change.

Perhaps we should just remove the first condition in this if, leaving

if ((rule->mbr_object.mbo_type | MBO_ALL_TYPE) != MBO_ALL_TYPE)

I.e., disallow invalid mbo_type flags regardless of whether MBO_TYPE_DEFINED is set?

As suggested by @kib I think this is the intended test.

The test currently in svn is in effect if (1 && ...) so removing the first part (as in my comment) should be no functional change, but I suppose this is actually what's intended; mbo_type is only accessed if rule->mbr_object.mbo_flags & MBO_TYPE_DEFINED.

kib added inline comments.
sys/security/mac_bsdextended/mac_bsdextended.c
128 ↗(On Diff #29165)

Still, I prefer to add != 0 .

This revision is now accepted and ready to land.Jun 3 2017, 9:14 AM
This revision was automatically updated to reflect the committed changes.