checkseapp: Detect duplicate keys in seapp_contexts entries.
Presently it ignores duplicate keys in seapp_contexts entries, e.g. if you were to specify: user=system seinfo=platform user=bluetooth domain=system_app type=system_app_data_file checkseapp would ignore the duplicate and libselinux would end up using the last value defined for the key in each line. Change-Id: I18cadb0c1bf5a907e6fc6513df65aafed91d76fe Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
Stephen Smalley
Nick Kralevich
parent
c6a0feb44d
commit
534fb0711d
1 changed files with 13 additions and 1 deletions
|
|
@ -524,6 +524,10 @@ static rule_map *rule_map_new(kvp keys[], size_t num_of_keys, int lineno) {
|
|||
rule_map *new_map = NULL;
|
||||
kvp *k = NULL;
|
||||
key_map *r = NULL, *x = NULL;
|
||||
bool seen[KVP_NUM_OF_RULES];
|
||||
|
||||
for (i = 0; i < KVP_NUM_OF_RULES; i++)
|
||||
seen[i] = false;
|
||||
|
||||
new_map = calloc(1, (num_of_keys * sizeof(key_map)) + sizeof(rule_map));
|
||||
if (!new_map)
|
||||
|
|
@ -549,6 +553,12 @@ static rule_map *rule_map_new(kvp keys[], size_t num_of_keys, int lineno) {
|
|||
continue;
|
||||
}
|
||||
|
||||
if (seen[j]) {
|
||||
log_error("Duplicated key: %s\n", k->key);
|
||||
goto err;
|
||||
}
|
||||
seen[j] = true;
|
||||
|
||||
memcpy(r, x, sizeof(key_map));
|
||||
|
||||
/* Assign rule map value to one from file */
|
||||
|
|
@ -612,7 +622,7 @@ err:
|
|||
free_kvp(k);
|
||||
}
|
||||
}
|
||||
exit(EXIT_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -936,6 +946,8 @@ static void parse() {
|
|||
} /*End token parsing */
|
||||
|
||||
rule_map *r = rule_map_new(keys, token_cnt, lineno);
|
||||
if (!r)
|
||||
goto err;
|
||||
rule_add(r);
|
||||
|
||||
} /* End file parsing */
|
||||
|
|
|
|||
Loading…
Reference in a new issue