summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJan Zeleny <jzeleny@redhat.com>2012-07-23 14:57:06 -0400
committerJakub Hrozek <jhrozek@redhat.com>2012-07-25 22:50:31 +0200
commit1187b00ab819eac8de47b139526aa763f464d91d (patch)
treeaad7c245d62628237619fafdc66ad2909c571e53 /src
parent33ecf38bc7afcbeed877df2de888115c9232391c (diff)
downloadsssd-1187b00ab819eac8de47b139526aa763f464d91d.tar.gz
sssd-1187b00ab819eac8de47b139526aa763f464d91d.tar.bz2
sssd-1187b00ab819eac8de47b139526aa763f464d91d.zip
Provide counter of possible matches in SELinux IPA provider
The counter is important so the for cycle doesn't depend on the first NULL pointer. That would cause potential errors if more records are following after this first NULL pointer.
Diffstat (limited to 'src')
-rw-r--r--src/providers/ipa/ipa_session.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/providers/ipa/ipa_session.c b/src/providers/ipa/ipa_session.c
index 4be0ec4e..9032a8d1 100644
--- a/src/providers/ipa/ipa_session.c
+++ b/src/providers/ipa/ipa_session.c
@@ -51,6 +51,7 @@ struct ipa_get_selinux_state {
size_t nmaps;
struct sysdb_attrs **possible_match;
+ size_t possible_matches;
};
static struct
@@ -379,7 +380,6 @@ static void ipa_get_selinux_maps_done(struct tevent_req *subreq)
struct ipa_id_ctx *id_ctx;
const char *tmp_str;
- size_t pos_cnt = 0;
uint32_t priority = 0;
errno_t ret;
int i;
@@ -432,16 +432,16 @@ static void ipa_get_selinux_maps_done(struct tevent_req *subreq)
continue;
}
- state->possible_match[pos_cnt] = state->selinuxmaps[i];
- pos_cnt++;
+ state->possible_match[state->possible_matches] = state->selinuxmaps[i];
+ state->possible_matches++;
}
- if (pos_cnt) {
+ if (state->possible_matches) {
/* FIXME: detect if HBAC is configured
* - if yes, we can skip HBAC retrieval and get it directly from sysdb
*/
DEBUG(SSSDBG_TRACE_FUNC, ("%d SELinux maps referenced an HBAC rule. "
- "Need to refresh HBAC rules\n", pos_cnt));
+ "Need to refresh HBAC rules\n", state->possible_matches));
subreq = ipa_hbac_rule_info_send(state, false, bctx->ev,
sdap_id_op_handle(state->op),
id_ctx->sdap_id_ctx->opts,
@@ -517,7 +517,7 @@ static void ipa_get_selinux_hbac_done(struct tevent_req *subreq)
/* HBAC rule matched, find if it is in the "possible" list */
- for (j = 0; state->possible_match[j]; j++) {
+ for (j = 0; j < state->possible_matches; j++) {
usermap = state->possible_match[j];
if (usermap == NULL) {
continue;