summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Zeleny <jzeleny@redhat.com>2012-07-23 14:57:06 -0400
committerJakub Hrozek <jhrozek@redhat.com>2012-07-25 22:50:31 +0200
commit1187b00ab819eac8de47b139526aa763f464d91d (patch)
treeaad7c245d62628237619fafdc66ad2909c571e53
parent33ecf38bc7afcbeed877df2de888115c9232391c (diff)
downloadsssd-1187b00ab819eac8de47b139526aa763f464d91d.tar.gz
sssd-1187b00ab819eac8de47b139526aa763f464d91d.tar.xz
sssd-1187b00ab819eac8de47b139526aa763f464d91d.zip
Provide counter of possible matches in SELinux IPA provider
The counter is important so the for cycle doesn't depend on the first NULL pointer. That would cause potential errors if more records are following after this first NULL pointer.
-rw-r--r--src/providers/ipa/ipa_session.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/providers/ipa/ipa_session.c b/src/providers/ipa/ipa_session.c
index 4be0ec4e3..9032a8d1c 100644
--- a/src/providers/ipa/ipa_session.c
+++ b/src/providers/ipa/ipa_session.c
@@ -51,6 +51,7 @@ struct ipa_get_selinux_state {
size_t nmaps;
struct sysdb_attrs **possible_match;
+ size_t possible_matches;
};
static struct
@@ -379,7 +380,6 @@ static void ipa_get_selinux_maps_done(struct tevent_req *subreq)
struct ipa_id_ctx *id_ctx;
const char *tmp_str;
- size_t pos_cnt = 0;
uint32_t priority = 0;
errno_t ret;
int i;
@@ -432,16 +432,16 @@ static void ipa_get_selinux_maps_done(struct tevent_req *subreq)
continue;
}
- state->possible_match[pos_cnt] = state->selinuxmaps[i];
- pos_cnt++;
+ state->possible_match[state->possible_matches] = state->selinuxmaps[i];
+ state->possible_matches++;
}
- if (pos_cnt) {
+ if (state->possible_matches) {
/* FIXME: detect if HBAC is configured
* - if yes, we can skip HBAC retrieval and get it directly from sysdb
*/
DEBUG(SSSDBG_TRACE_FUNC, ("%d SELinux maps referenced an HBAC rule. "
- "Need to refresh HBAC rules\n", pos_cnt));
+ "Need to refresh HBAC rules\n", state->possible_matches));
subreq = ipa_hbac_rule_info_send(state, false, bctx->ev,
sdap_id_op_handle(state->op),
id_ctx->sdap_id_ctx->opts,
@@ -517,7 +517,7 @@ static void ipa_get_selinux_hbac_done(struct tevent_req *subreq)
/* HBAC rule matched, find if it is in the "possible" list */
- for (j = 0; state->possible_match[j]; j++) {
+ for (j = 0; j < state->possible_matches; j++) {
usermap = state->possible_match[j];
if (usermap == NULL) {
continue;