From 8f50b45320f715aa7ab883fe3540017bdc097e20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Tue, 8 Jun 2021 17:58:56 +0200 Subject: [PATCH] libsepol: follow declaration-after-statement MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Follow the project style of no declaration after statement. Found by the gcc warning -Wdeclaration-after-statement Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/booleans.c | 6 ++-- libsepol/src/debug.c | 2 +- libsepol/src/ebitmap.c | 11 ++++--- libsepol/src/module_to_cil.c | 10 +++--- libsepol/src/nodes.c | 6 ++-- libsepol/src/services.c | 59 ++++++++++++++++++------------------ libsepol/src/util.c | 2 +- 7 files changed, 50 insertions(+), 46 deletions(-) diff --git a/libsepol/src/booleans.c b/libsepol/src/booleans.c index 30fcf29d..716da6b4 100644 --- a/libsepol/src/booleans.c +++ b/libsepol/src/booleans.c @@ -19,6 +19,7 @@ static int bool_update(sepol_handle_t * handle, const char *cname; char *name; int value; + cond_bool_datum_t *datum; sepol_bool_key_unpack(key, &cname); name = strdup(cname); @@ -27,8 +28,7 @@ static int bool_update(sepol_handle_t * handle, if (!name) goto omem; - cond_bool_datum_t *datum = - hashtab_search(policydb->p_bools.table, name); + datum = hashtab_search(policydb->p_bools.table, name); if (!datum) { ERR(handle, "boolean %s no longer in policy", name); goto err; @@ -84,10 +84,10 @@ int sepol_bool_set(sepol_handle_t * handle, const sepol_bool_key_t * key, const sepol_bool_t * data) { + policydb_t *policydb = &p->p; const char *name; sepol_bool_key_unpack(key, &name); - policydb_t *policydb = &p->p; if (bool_update(handle, policydb, key, data) < 0) goto err; diff --git a/libsepol/src/debug.c b/libsepol/src/debug.c index 0458e353..f6a59ae7 100644 --- a/libsepol/src/debug.c +++ b/libsepol/src/debug.c @@ -44,6 +44,7 @@ void sepol_msg_default_handler(void *varg __attribute__ ((unused)), { FILE *stream = NULL; + va_list ap; switch (sepol_msg_get_level(handle)) { @@ -60,7 +61,6 @@ void sepol_msg_default_handler(void *varg __attribute__ ((unused)), fprintf(stream, "%s.%s: ", sepol_msg_get_channel(handle), sepol_msg_get_fname(handle)); - va_list ap; va_start(ap, fmt); vfprintf(stream, fmt, ap); va_end(ap); diff --git a/libsepol/src/ebitmap.c b/libsepol/src/ebitmap.c index 7f425349..522e14a6 100644 --- a/libsepol/src/ebitmap.c +++ b/libsepol/src/ebitmap.c @@ -113,9 +113,10 @@ int ebitmap_not(ebitmap_t *dst, ebitmap_t *e1, unsigned int maxbit) int ebitmap_andnot(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2, unsigned int maxbit) { + int rc; ebitmap_t e3; ebitmap_init(dst); - int rc = ebitmap_not(&e3, e2, maxbit); + rc = ebitmap_not(&e3, e2, maxbit); if (rc < 0) return rc; rc = ebitmap_and(dst, e1, &e3); @@ -138,13 +139,15 @@ unsigned int ebitmap_cardinality(ebitmap_t *e1) int ebitmap_hamming_distance(ebitmap_t * e1, ebitmap_t * e2) { + int rc; + ebitmap_t tmp; + int distance; if (ebitmap_cmp(e1, e2)) return 0; - ebitmap_t tmp; - int rc = ebitmap_xor(&tmp, e1, e2); + rc = ebitmap_xor(&tmp, e1, e2); if (rc < 0) return -1; - int distance = ebitmap_cardinality(&tmp); + distance = ebitmap_cardinality(&tmp); ebitmap_destroy(&tmp); return distance; } diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c index 60290da2..580ba06a 100644 --- a/libsepol/src/module_to_cil.c +++ b/libsepol/src/module_to_cil.c @@ -107,8 +107,8 @@ static void cil_printf(const char *fmt, ...) { __attribute__ ((format(printf, 2, 3))) static void cil_println(int indent, const char *fmt, ...) { - cil_indent(indent); va_list argptr; + cil_indent(indent); va_start(argptr, fmt); if (vfprintf(out_file, fmt, argptr) < 0) { log_err("Failed to write to output"); @@ -235,12 +235,14 @@ static void role_list_destroy(void) static void attr_list_destroy(struct list **attr_list) { + struct list_node *curr; + struct attr_list_node *attr; + if (attr_list == NULL || *attr_list == NULL) { return; } - struct list_node *curr = (*attr_list)->head; - struct attr_list_node *attr; + curr = (*attr_list)->head; while (curr != NULL) { attr = curr->data; @@ -3525,12 +3527,12 @@ exit: static int additive_scopes_to_cil(int indent, struct policydb *pdb, struct avrule_block *block, struct stack *decl_stack) { int rc = -1; + struct avrule_decl *decl = stack_peek(decl_stack); struct map_args args; args.pdb = pdb; args.block = block; args.decl_stack = decl_stack; args.indent = indent; - struct avrule_decl *decl = stack_peek(decl_stack); for (args.sym_index = 0; args.sym_index < SYM_NUM; args.sym_index++) { if (func_to_cil[args.sym_index] == NULL) { diff --git a/libsepol/src/nodes.c b/libsepol/src/nodes.c index 820346d0..97a0f959 100644 --- a/libsepol/src/nodes.c +++ b/libsepol/src/nodes.c @@ -19,20 +19,20 @@ static int node_from_record(sepol_handle_t * handle, ocontext_t *tmp_node = NULL; context_struct_t *tmp_con = NULL; char *addr_buf = NULL, *mask_buf = NULL; + size_t addr_bsize, mask_bsize; + int proto; tmp_node = (ocontext_t *) calloc(1, sizeof(ocontext_t)); if (!tmp_node) goto omem; - size_t addr_bsize, mask_bsize; - /* Address and netmask */ if (sepol_node_get_addr_bytes(handle, data, &addr_buf, &addr_bsize) < 0) goto err; if (sepol_node_get_mask_bytes(handle, data, &mask_buf, &mask_bsize) < 0) goto err; - int proto = sepol_node_get_proto(data); + proto = sepol_node_get_proto(data); switch (proto) { case SEPOL_PROTO_IP4: diff --git a/libsepol/src/services.c b/libsepol/src/services.c index ff91f7d2..d647c8f5 100644 --- a/libsepol/src/services.c +++ b/libsepol/src/services.c @@ -290,6 +290,19 @@ static char *get_class_info(sepol_security_class_t tclass, { constraint_expr_t *e; int mls, state_num; + /* Determine statement type */ + const char *statements[] = { + "constrain ", /* 0 */ + "mlsconstrain ", /* 1 */ + "validatetrans ", /* 2 */ + "mlsvalidatetrans ", /* 3 */ + 0 }; + size_t class_buf_len = 0; + size_t new_class_buf_len; + size_t buf_used; + int len; + char *class_buf = NULL, *p; + char *new_class_buf = NULL; /* Find if MLS statement or not */ mls = 0; @@ -300,26 +313,11 @@ static char *get_class_info(sepol_security_class_t tclass, } } - /* Determine statement type */ - const char *statements[] = { - "constrain ", /* 0 */ - "mlsconstrain ", /* 1 */ - "validatetrans ", /* 2 */ - "mlsvalidatetrans ", /* 3 */ - 0 }; - if (xcontext == NULL) state_num = mls + 0; else state_num = mls + 2; - size_t class_buf_len = 0; - size_t new_class_buf_len; - size_t buf_used; - int len; - char *class_buf = NULL, *p; - char *new_class_buf = NULL; - while (1) { new_class_buf_len = class_buf_len + EXPR_BUF_SIZE; new_class_buf = realloc(class_buf, new_class_buf_len); @@ -417,6 +415,8 @@ static int constraint_expr_eval_reason(context_struct_t *scontext, char *tgt = NULL; int rc = 0, x; char *class_buf = NULL; + int expr_list_len = 0; + int expr_count; /* * The array of expression answer buffer pointers and counter. @@ -424,6 +424,11 @@ static int constraint_expr_eval_reason(context_struct_t *scontext, char **answer_list = NULL; int answer_counter = 0; + /* The pop operands */ + char *a; + char *b; + int a_len, b_len; + class_buf = get_class_info(tclass, constraint, xcontext); if (!class_buf) { ERR(NULL, "failed to allocate class buffer"); @@ -431,7 +436,6 @@ static int constraint_expr_eval_reason(context_struct_t *scontext, } /* Original function but with buffer support */ - int expr_list_len = 0; expr_counter = 0; expr_list = NULL; for (e = constraint->expr; e; e = e->next) { @@ -701,7 +705,7 @@ mls_ops: * expr_list malloc's. Normally they are released by the RPN to * infix code. */ - int expr_count = expr_counter; + expr_count = expr_counter; expr_counter = 0; /* @@ -715,11 +719,6 @@ mls_ops: goto out; } - /* The pop operands */ - char *a; - char *b; - int a_len, b_len; - /* Convert constraint from RPN to infix notation. */ for (x = 0; x != expr_count; x++) { if (strncmp(expr_list[x], "and", 3) == 0 || strncmp(expr_list[x], @@ -778,14 +777,6 @@ mls_ops: xcontext ? "Validatetrans" : "Constraint", s[0] ? "GRANTED" : "DENIED"); - int len, new_buf_len; - char *p, **new_buf = r_buf; - /* - * These contain the constraint components that are added to the - * callers reason buffer. - */ - const char *buffers[] = { class_buf, a, "); ", tmp_buf, 0 }; - /* * This will add the constraints to the callers reason buffer (who is * responsible for freeing the memory). It will handle any realloc's @@ -796,6 +787,14 @@ mls_ops: if (r_buf && ((s[0] == 0) || ((s[0] == 1 && (flags & SHOW_GRANTED) == SHOW_GRANTED)))) { + int len, new_buf_len; + char *p, **new_buf = r_buf; + /* + * These contain the constraint components that are added to the + * callers reason buffer. + */ + const char *buffers[] = { class_buf, a, "); ", tmp_buf, 0 }; + for (x = 0; buffers[x] != NULL; x++) { while (1) { p = *r_buf + reason_buf_used; diff --git a/libsepol/src/util.c b/libsepol/src/util.c index d51750af..a47cae87 100644 --- a/libsepol/src/util.c +++ b/libsepol/src/util.c @@ -129,9 +129,9 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms) unsigned int bit; unsigned int in_range = 0; static char xpermsbuf[2048]; - xpermsbuf[0] = '\0'; char *p; int len, xpermslen = 0; + xpermsbuf[0] = '\0'; p = xpermsbuf; if ((xperms->specified != AVTAB_XPERMS_IOCTLFUNCTION)