The functions helper_port_validate_local_proto(), get_type(), and
get_fcontext_new() are not used, so remove them.
Signed-off-by: James Carter <jwcart2@gmail.com>
Found by typos[1].
[1]: https://github.com/crate-ci/typos
Acked-by: James Carter <jwcart2@gmail.com>
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
On Ubuntu 20.04, when building with clang -Werror -Wextra-semi-stmt
(which is not the default build configuration), the compiler reports:
genhomedircon.c:742:67: error: empty expression statement has no
effect; remove unnecessary ';' to silence this warning
[-Werror,-Wextra-semi-stmt]
const semanage_seuser_t **u2 = (const semanage_seuser_t **) arg2;;
^
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
This silences many issues reported by Infer static analyzer about
possible NULL pointer dereferences.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
CU_FAIL() does not stop the execution flow.
This issue has been found using Infer static analyzer.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Several static analyzers (clang's one, Facebook Infer, etc.) warn about
NULL pointer dereferences after a call to CU_ASSERT_PTR_NOT_NULL_FATAL()
in the test code written using CUnit framework. This is because this
CUnit macro is too complex for them to understand that the pointer
cannot be NULL: it is translated to a call to CU_assertImplementation()
with an argument as TRUE in order to mean that the call is fatal if the
asserted condition failed (cf.
http://cunit.sourceforge.net/doxdocs/group__Framework.html).
A possible solution could consist in replacing the
CU_ASSERT_..._FATAL() calls by assert() ones, as most static analyzers
know about assert(). Nevertheless this seems to go against CUnit's API.
An alternative solution consists in overriding CU_ASSERT_..._FATAL()
macros in order to expand to assert() after a call to the matching
CU_ASSERT_...() non-fatal macro. This appears to work fine and to remove
many false-positive warnings from various static analyzers.
As this substitution should only occur when using static analyzer, put
it under #ifdef __CHECKER__, which is the macro used by sparse when
analyzing the Linux kernel.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Use codespell (https://github.com/codespell-project/codespell) in order
to find many common misspellings that are present in English texts.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Add new test suite for semanage_user_* functions. The test suite aims for line
coverage and covers expected usage of functions. The test suite uses custom
semanage store and policy written in CIL, it does not require running on SELinux
enabled system.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
Add new test suite for semanage_port_* functions. The test suite aims for line
coverage and covers expected usage of functions. The test suite uses custom
semanage store and policy written in CIL, it does not require running on SELinux
enabled system.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
Add new test suite for semanage_node_* functions. The test suite aims for line
coverage and covers expected usage of functions. The test suite uses custom
semanage store and policy written in CIL, it does not require running on SELinux
enabled system.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
Add new test suite for semanage_ibendport_* functions. The test suite aims for
line coverage and covers expected usage of functions. The test suite uses custom
semanage store and policy written in CIL, it does not require running on SELinux
enabled system.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
Add new test suite for semanage_iface_* functions. The test suite aims for line
coverage and covers expected usage of functions. The test suite uses custom
semanage store and policy written in CIL, it does not require running on SELinux
enabled system.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
Add new test suite for semanage_fcontext_* functions. The test suite aims for
line coverage and covers expected usage of functions. The test suite uses custom
semanage store and policy written in CIL, it does not require running on SELinux
enabled system.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
Add new test suite for semanage_bool_* functions. The test suite aims for line
coverage and covers expected usage of functions. The test suite uses custom
semanage store and policy written in CIL, it does not require running on SELinux
enabled system.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
Add new test suite for semanage_handle_* functions. The test suite aims for line
coverage and covers expected usage of functions. The test suite uses custom
semanage store and policy written in CIL, it does not require running on SELinux
enabled system.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
- Add functions for creating and destroying test semanage store.
- Add functions for writing SELinux policy to the test store.
- Add functions for creating semanage handle, connecting to the store and for
beginning a transaction.
- Update Makefile to compile test policies from CIL source.
Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
This patch solves the following issues:
- DESTDIR is needed during compile time to compute library and header paths which it should not.
- Installing with both DESTDIR and PREFIX set gives us odd paths
- Make usage of DESTDIR and PREFIX more standard
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
When -lbz2 is written before libsemanage.a in the linker command line,
the linker may fail to find all needed symbols. This occurs for example
when building on Ubuntu 14.04 without the gold linker (cf. Travis build
result https://travis-ci.org/fishilico/selinux/builds/245072498):
gcc libsemanage-tests.o test_semanage_store.o test_utilities.o utilities.o
-L/home/travis/build/fishilico/selinux/installdir/usr/lib -o libsemanage-tests
-lcunit -lbz2 -laudit ../src/libsemanage.a -lselinux -lsepol
../src/libsemanage.a(direct_api.o): In function `bzip':
direct_api.c:(.text+0xee6): undefined reference to `BZ2_bzWriteOpen'
direct_api.c:(.text+0xf11): undefined reference to `BZ2_bzWriteClose'
direct_api.c:(.text+0xf79): undefined reference to `BZ2_bzWrite'
direct_api.c:(.text+0xfa1): undefined reference to `BZ2_bzWriteClose'
direct_api.c:(.text+0xfe0): undefined reference to `BZ2_bzWriteClose'
../src/libsemanage.a(direct_api.o): In function `bunzip':
direct_api.c:(.text+0x114e): undefined reference to `BZ2_bzReadOpen'
direct_api.c:(.text+0x1249): undefined reference to `BZ2_bzRead'
direct_api.c:(.text+0x13b4): undefined reference to `BZ2_bzReadClose'
../src/libsemanage.a(seusers_local.o): In function `semanage_seuser_audit':
seusers_local.c:(.text+0x4c5): undefined reference to `audit_open'
seusers_local.c:(.text+0x5b6): undefined reference to `audit_log_semanage_message'
seusers_local.c:(.text+0x5cd): undefined reference to `audit_close'
As ../src/libsemanage.a is a dependency of $(EXECUTABLE) in the
Makefile, use $^ to include it in the command line. While at it, put $^
after $(LDFLAGS) as other Makefiles do.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
There were several places in the makefiles where LDLIBS or CFLAGS were
supposed to include options to build. They were missing the override
keyword so would be skipped if these vars were set on the make cmdline.
Add the override directive to fix this.
Signed-off-by: Jason Zaman <jason@perfinion.com>
when building packages (e.g. for openSUSE Linux)
(random) filesystem order of input files
influences ordering of functions in the output,
thus without the patch, builds (in disposable VMs) would usually differ.
See https://reproducible-builds.org/ for why this matters.
The toolchain automatically handles them and they break cross compiling.
LDFLAGS should also come before object files, some flags (eg,
-Wl,as-needed) can break things if they are in the wrong place)
Gentoo-Bug: https://bugs.gentoo.org/500674
Signed-off-by: Jason Zaman <jason@perfinion.com>
When building and running tests on a system without SELinux with a
command similar to "make DESTDIR=/tmp/destdir install test", libsemanage
tests fail to build with the following error:
In file included from utilities.h:20:0,
from utilities.c:24:
../src/handle.h:29:26: fatal error: sepol/handle.h: No such file or
directory
#include <sepol/handle.h>
^
Fix this by adding the newly-installed directory under $DESTDIR (using
variable $PREFIX) in the search paths of the compiler.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Before modifying semanage_split_on_space() and semanage_split(), test in
test_utilities.c how these functions behave for example when several
delimiter tokens are concatenated in the input string.
While at it, fix the memory leaks which were present in libsemanage
tests.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
In order to run libsemanage tests, libsepol and libselinux source
directories need to exist next to libsemanage source directory. This
prevents tests to be run when using the released package.
As libsemanage tests only use public API of libselinux and libsepol,
link with the shared objects which are likely to be installed on the
system (or at least present in $DESTDIR).
While at it, drop TESTSRC variable as it was used to find libsemanage
internal headers but not the tested library (libsemanage.a). Moreover
add ../src/libsemanage.a to the target dependencies of the test
executable in order to rebuild it after libsemanage.a has been updated.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
When modifications to libsemanage functions break the test cases tested
with the CUnit framework, "make test" currently succeeds, even though it
prints an output similar to:
Suite: semanage_store
Test: semanage_store_access_check ...passed
Test: semanage_get_lock ...passed
Test: semanage_nc_sort ...passed
Suite: semanage_utilities
Test: semanage_is_prefix ...passed
Test: semanage_split_on_space ...FAILED
1. test_utilities.c:150 - CU_ASSERT_STRING_EQUAL(temp,"baz")
Test: semanage_split ...passed
Test: semanage_list ...passed
Test: semanage_str_count ...passed
Test: semanage_rtrim ...passed
Test: semanage_str_replace ...passed
Test: semanage_findval ...passed
Test: slurp_file_filter ...passed
Like commit 2489b50a91 ("libsepol: make "make test" fails when a CUnit
test fails") did for libsepol tests, modify the logic of function
do_tests() to return an error value when there has been at least one
failure. This makes "make test" fail as expected.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Allow using other compilers such as clang. Without this, the build fails
when $(CFLAGS) contains clang-specific flags:
gcc: error: unrecognized command line option '-Weverything'
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
libsemanage/tests/Makefile currently overwrites CFLAGS and LDFLAGS
contents. This makes building with custom flags (e.g. with address
sanitizer) harder. Append flags to these variables instead.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
There's no guaranty that last item in "char fname[]" will be a null character.
Fixes segfault on some systems:
Test: semanage_nc_sort ...passedtest_semanage_findval: : Invalid argument
libsemanage-tests: TestRun.c:160: CU_assertImplementation: Assertion `((void *)0) != f_pCurTest' failed.
make[1]: *** [test] Aborted (core dumped)
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
A few calls to semanage_store_access_check() in the libsemanage
tests passed an argument even though it is a void function.
Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
