Date: Thu, 9 Oct 2003 17:58:09 -0700 (PDT) From: Hrishikesh Dandekar <hdandeka@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 39432 for review Message-ID: <200310100058.h9A0w9sU029364@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=39432 Change 39432 by hdandeka@hdandeka_yash on 2003/10/09 17:57:53 mmap the policy file before calling security_load_policy. Affected files ... .. //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.c#5 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.c#5 (text+ko) ==== @@ -34,9 +34,11 @@ #include <unistd.h> #include <errno.h> #include <string.h> +#include <fcntl.h> #include <sys/types.h> #include <sys/socket.h> #include <sys/stat.h> +#include <sys/mman.h> #include <netinet/in.h> #include "linux-compat.h" #else /* __FreeBSD__ */ @@ -320,6 +322,7 @@ unsigned int binary = 0, debug = 0; int ret, ch, nel; FILE *fp, *outfp = NULL; + int fd; void *filedata; struct stat fsb; size_t filelen; @@ -619,29 +622,28 @@ pathlen = strlen(ans); ans[pathlen - 1] = 0; printf("%s: loading policy configuration from %s\n", argv[0], ans); - fp = fopen(ans, "r"); - if (!fp) { + fd = open(ans, O_RDONLY); + if (fd < 0) { printf("%s: unable to open %s\n", argv[0], ans); break; } - if(stat(ans, &fsb) == -1) { + if(fstat(fd, &fsb) < 0) { printf("%s: unable to get size of %s\n", argv[0], ans); break; } filelen = (size_t) fsb.st_size; if ( ((off_t) filelen) != fsb.st_size ) { - printf("%s: large file, size truncated\n", argv[0]); - break; + printf("%s: large file, size truncated\n", argv[0]); + close(fd); + break; } - filedata = malloc(filelen); - if (!filedata) { - fprintf(stderr, "out of memory\n"); - exit(1); - } - if(fread(filedata, filelen, 1, fp) != filelen) { - printf("%s: unable to get read from %s\n", argv[0], ans); + + filedata = mmap(NULL, filelen, PROT_READ, MAP_SHARED, fd,0); + if (filedata == MAP_FAILED) { + printf("Can't map %s\n", ans); + close(fd); break; - } + } ret = security_load_policy(filedata, filelen); switch (ret) { case 0: @@ -656,7 +658,8 @@ default: printf("return code 0x%x\n", ret); } - fclose(fp); + /* XXX: call munmap(filedata, filelen) or not ? */ + close(fd); break; case '8': printf("fs kdevname? ");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200310100058.h9A0w9sU029364>