diff options
| author | Jan Zeleny <jzeleny@redhat.com> | 2012-07-23 14:57:06 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-07-25 22:50:31 +0200 |
| commit | 1187b00ab819eac8de47b139526aa763f464d91d (patch) | |
| tree | aad7c245d62628237619fafdc66ad2909c571e53 | |
| parent | 33ecf38bc7afcbeed877df2de888115c9232391c (diff) | |
| download | sssd-1187b00ab819eac8de47b139526aa763f464d91d.tar.gz sssd-1187b00ab819eac8de47b139526aa763f464d91d.tar.xz sssd-1187b00ab819eac8de47b139526aa763f464d91d.zip | |
Provide counter of possible matches in SELinux IPA provider
The counter is important so the for cycle doesn't depend on the first
NULL pointer. That would cause potential errors if more records are
following after this first NULL pointer.
| -rw-r--r-- | src/providers/ipa/ipa_session.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/providers/ipa/ipa_session.c b/src/providers/ipa/ipa_session.c index 4be0ec4e3..9032a8d1c 100644 --- a/src/providers/ipa/ipa_session.c +++ b/src/providers/ipa/ipa_session.c @@ -51,6 +51,7 @@ struct ipa_get_selinux_state { size_t nmaps; struct sysdb_attrs **possible_match; + size_t possible_matches; }; static struct @@ -379,7 +380,6 @@ static void ipa_get_selinux_maps_done(struct tevent_req *subreq) struct ipa_id_ctx *id_ctx; const char *tmp_str; - size_t pos_cnt = 0; uint32_t priority = 0; errno_t ret; int i; @@ -432,16 +432,16 @@ static void ipa_get_selinux_maps_done(struct tevent_req *subreq) continue; } - state->possible_match[pos_cnt] = state->selinuxmaps[i]; - pos_cnt++; + state->possible_match[state->possible_matches] = state->selinuxmaps[i]; + state->possible_matches++; } - if (pos_cnt) { + if (state->possible_matches) { /* FIXME: detect if HBAC is configured * - if yes, we can skip HBAC retrieval and get it directly from sysdb */ DEBUG(SSSDBG_TRACE_FUNC, ("%d SELinux maps referenced an HBAC rule. " - "Need to refresh HBAC rules\n", pos_cnt)); + "Need to refresh HBAC rules\n", state->possible_matches)); subreq = ipa_hbac_rule_info_send(state, false, bctx->ev, sdap_id_op_handle(state->op), id_ctx->sdap_id_ctx->opts, @@ -517,7 +517,7 @@ static void ipa_get_selinux_hbac_done(struct tevent_req *subreq) /* HBAC rule matched, find if it is in the "possible" list */ - for (j = 0; state->possible_match[j]; j++) { + for (j = 0; j < state->possible_matches; j++) { usermap = state->possible_match[j]; if (usermap == NULL) { continue; |