libselinux: declare return value of context_str(3) const

context_str(3) returns a string representation of the given context. This string is owned by the context and free'd on context_free(3). Declare it const, as already done in the man page, since it must not be free'd by the caller. Signed-off-by: Christian Göttsche <[email protected]> Acked-by: Nicolas Iooss <[email protected]>
SELinuxProject · Jun 2, 2022 · dd98fa3 · dd98fa3
1 parent 0a8c177
commit dd98fa3
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 9 deletions.
diff --git a/libselinux/include/selinux/context.h b/libselinux/include/selinux/context.h
@@ -25,7 +25,7 @@ extern "C" {
  * for the same context_t*
  */
 
- extern char *context_str(context_t);
+ extern const char *context_str(context_t);
 
 /* Free the storage used by a context */
  extern void context_free(context_t);

diff --git a/libselinux/src/context.c b/libselinux/src/context.c
@@ -116,7 +116,7 @@ void context_free(context_t context)
 /*
  * Return a pointer to the string value of the context.
  */
-char *context_str(context_t context)
+const char *context_str(context_t context)
 {
  context_private_t *n = context->ptr;
  int i;

diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
@@ -143,6 +143,7 @@ static int get_context_user(FILE * fp,
  char *linerole, *linetype;
  char **new_reachable = NULL;
  char *usercon_str;
+ const char *usercon_str2;
  context_t con;
  context_t usercon;
 
@@ -257,28 +258,28 @@ static int get_context_user(FILE * fp,
  rc = -1;
  goto out;
  }
- usercon_str = context_str(usercon);
- if (!usercon_str) {
+ usercon_str2 = context_str(usercon);
+ if (!usercon_str2) {
  context_free(usercon);
  rc = -1;
  goto out;
  }
 
  /* check whether usercon is already in reachable */
- if (is_in_reachable(*reachable, usercon_str)) {
+ if (is_in_reachable(*reachable, usercon_str2)) {
  context_free(usercon);
  start = end;
  continue;
  }
- if (security_check_context(usercon_str) == 0) {
+ if (security_check_context(usercon_str2) == 0) {
  new_reachable = realloc(*reachable, (*nreachable + 2) * sizeof(char *));
  if (!new_reachable) {
  context_free(usercon);
  rc = -1;
  goto out;
  }
  *reachable = new_reachable;
- new_reachable[*nreachable] = strdup(usercon_str);
+ new_reachable[*nreachable] = strdup(usercon_str2);
  if (new_reachable[*nreachable] == NULL) {
  context_free(usercon);
  rc = -1;

diff --git a/libselinux/src/query_user_context.c b/libselinux/src/query_user_context.c
@@ -115,7 +115,7 @@ int manual_user_enter_context(const char *user, char ** newcon)
  int mls_enabled = is_selinux_mls_enabled();
 
  context_t new_context; /* The new context chosen by the user */
- char *user_context = NULL; /* String value of the user's context */
+ const char *user_context = NULL; /* String value of the user's context */
  int done = 0; /* true if a valid sid has been obtained */
 
  /* Initialize the context. How this is done depends on whether

diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
@@ -842,7 +842,7 @@ static int parse_command_line_arguments(int argc, char **argv, char *ttyn,
  char *type_ptr = NULL; /* stores malloc'd data from get_default_type */
  char *level_s = NULL; /* level spec'd by user in argv[] */
  char *range_ptr = NULL;
- char *new_con = NULL;
+ const char *new_con = NULL;
  char *tty_con = NULL;
  context_t context = NULL; /* manipulatable form of new_context */
  const struct option long_options[] = {