7:34 a.m.
This partially reverts commit 0fc4a43d248b86fd54ad7323beb66faec8c1043c.
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
tests/securityselinuxlabeltest.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabeltest.c
index dfe9d38d34..83532d8090 100644
--- a/tests/securityselinuxlabeltest.c
+++ b/tests/securityselinuxlabeltest.c
@@ -230,7 +230,7 @@ testSELinuxCheckLabels(testSELinuxFile *files, size_t nfiles)
size_t i;
for (i = 0; i < nfiles; i++) {
- g_autofree char *ctx = NULL;
+ char *ctx = NULL;
if (getfilecon(files[i].file, &ctx) < 0) {
if (errno == ENODATA) {
/* nothing to do */
@@ -247,8 +247,10 @@ testSELinuxCheckLabels(testSELinuxFile *files, size_t nfiles)
virReportError(VIR_ERR_INTERNAL_ERROR,
"File %s context '%s' did not match expected
'%s'",
files[i].file, ctx, files[i].context);
+ freecon(ctx);
return -1;
}
+ freecon(ctx);
}
return 0;
}
--
2.35.0
7:55 a.m.
On Fri, Feb 11, 2022 at 14:34:04 +0100, Jiri Denemark wrote:
This partially reverts commit
0fc4a43d248b86fd54ad7323beb66faec8c1043c.
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
tests/securityselinuxlabeltest.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabeltest.c
index dfe9d38d34..83532d8090 100644
--- a/tests/securityselinuxlabeltest.c
+++ b/tests/securityselinuxlabeltest.c
@@ -230,7 +230,7 @@ testSELinuxCheckLabels(testSELinuxFile *files, size_t nfiles)
size_t i;
for (i = 0; i < nfiles; i++) {
- g_autofree char *ctx = NULL;
+ char *ctx = NULL;
if (getfilecon(files[i].file, &ctx) < 0) {
if (errno == ENODATA) {
/* nothing to do */
@@ -247,8 +247,10 @@ testSELinuxCheckLabels(testSELinuxFile *files, size_t nfiles)
virReportError(VIR_ERR_INTERNAL_ERROR,
"File %s context '%s' did not match expected
'%s'",
files[i].file, ctx, files[i].context);
+ freecon(ctx);
return -1;
}
+ freecon(ctx);
}
return 0;
}
Self-NACK
getfilecon is mocked in this test so not using freecon() was actually
correct.
8:16 a.m.
On a Friday in 2022, Jiri Denemark wrote:
On Fri, Feb 11, 2022 at 14:34:04 +0100, Jiri Denemark wrote:
> This partially reverts commit 0fc4a43d248b86fd54ad7323beb66faec8c1043c.
>
> Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
> ---
> tests/securityselinuxlabeltest.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabeltest.c
> index dfe9d38d34..83532d8090 100644
> --- a/tests/securityselinuxlabeltest.c
> +++ b/tests/securityselinuxlabeltest.c
> @@ -247,8 +247,10 @@ testSELinuxCheckLabels(testSELinuxFile *files, size_t nfiles)
> virReportError(VIR_ERR_INTERNAL_ERROR,
> "File %s context '%s' did not match expected
'%s'",
> files[i].file, ctx, files[i].context);
> + freecon(ctx);
> return -1;
> }
> + freecon(ctx);
> }
> return 0;
> }
Self-NACK
getfilecon is mocked in this test so not using freecon() was actually
correct.
Even if it was from libselinux [0], is there something wrong with using
plain free for a char * variable?
We seem to have exactly one user of xmlFree which is a similar function.
Jano
[0] https://github.com/SELinuxProject/selinux/blob/master/libselinux/src/free...
8:23 a.m.
On Fri, Feb 11, 2022 at 15:16:35 +0100, Ján Tomko wrote:
On a Friday in 2022, Jiri Denemark wrote:
>On Fri, Feb 11, 2022 at 14:34:04 +0100, Jiri Denemark wrote:
>> This partially reverts commit 0fc4a43d248b86fd54ad7323beb66faec8c1043c.
>>
>> Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
>> ---
>> tests/securityselinuxlabeltest.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/tests/securityselinuxlabeltest.c
b/tests/securityselinuxlabeltest.c
>> index dfe9d38d34..83532d8090 100644
>> --- a/tests/securityselinuxlabeltest.c
>> +++ b/tests/securityselinuxlabeltest.c
>> @@ -247,8 +247,10 @@ testSELinuxCheckLabels(testSELinuxFile *files, size_t
nfiles)
>> virReportError(VIR_ERR_INTERNAL_ERROR,
>> "File %s context '%s' did not match
expected '%s'",
>> files[i].file, ctx, files[i].context);
>> + freecon(ctx);
>> return -1;
>> }
>> + freecon(ctx);
>> }
>> return 0;
>> }
>
>Self-NACK
>
>getfilecon is mocked in this test so not using freecon() was actually
>correct.
>
Even if it was from libselinux [0], is there something wrong with using
plain free for a char * variable?
We seem to have exactly one user of xmlFree which is a similar function.
[0] https://github.com/SELinuxProject/selinux/blob/master/libselinux/src/free...
Well, not really, unless the library decides to use a different
allocator which it easily can since the documentation says you should be
using freecon(). And we use freecon in other places in our code to
comply with this.
Anyway, I really wish libraries did not invent their own free functions
for char *.
Jirka
8:24 a.m.
On Fri, Feb 11, 2022 at 03:16:35PM +0100, Ján Tomko wrote:
On a Friday in 2022, Jiri Denemark wrote:
> On Fri, Feb 11, 2022 at 14:34:04 +0100, Jiri Denemark wrote:
> > This partially reverts commit 0fc4a43d248b86fd54ad7323beb66faec8c1043c.
> >
> > Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
> > ---
> > tests/securityselinuxlabeltest.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/tests/securityselinuxlabeltest.c
b/tests/securityselinuxlabeltest.c
> > index dfe9d38d34..83532d8090 100644
> > --- a/tests/securityselinuxlabeltest.c
> > +++ b/tests/securityselinuxlabeltest.c
> > @@ -247,8 +247,10 @@ testSELinuxCheckLabels(testSELinuxFile *files, size_t
nfiles)
> > virReportError(VIR_ERR_INTERNAL_ERROR,
> > "File %s context '%s' did not match
expected '%s'",
> > files[i].file, ctx, files[i].context);
> > + freecon(ctx);
> > return -1;
> > }
> > + freecon(ctx);
> > }
> > return 0;
> > }
>
> Self-NACK
>
> getfilecon is mocked in this test so not using freecon() was actually
> correct.
>
Even if it was from libselinux [0], is there something wrong with using
plain free for a char * variable?
SELinux uses to use 'security_context_t' data type for all its
APIs, whicih was a typedef for 'char *'. They stopped doing
that and now just use 'char *'. The docs for freecon still say
it is to be used to free memory from anmy other get* function,
but impl is just delegating to free()
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
1015
days inactive
1015
days old
4 comments
3 participants
participants (3)
-
Daniel P. Berrangé -
Jiri Denemark -
Ján Tomko