summaryrefslogtreecommitdiff
path: root/src/bus-proxyd/bus-policy.c
diff options
context:
space:
mode:
authorTom Gundersen <teg@jklm.no>2014-09-25 15:49:43 +0200
committerTom Gundersen <teg@jklm.no>2014-09-25 15:59:24 +0200
commit94a2c2f64a1379ca5c9ce4dbbee45ce17250ab51 (patch)
tree687792ece90bdaaa6354db36e47efbb3eac1a573 /src/bus-proxyd/bus-policy.c
parenta34286684ebb78dd3db0d7f34feb2c121c9d00cc (diff)
bus-proxyd: add some asserts
Both as documentation, and to make Coverity happy. Fixes CID #1241495 and #1241496.
Diffstat (limited to 'src/bus-proxyd/bus-policy.c')
-rw-r--r--src/bus-proxyd/bus-policy.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/src/bus-proxyd/bus-policy.c b/src/bus-proxyd/bus-policy.c
index 165e763f57..0de7680d4b 100644
--- a/src/bus-proxyd/bus-policy.c
+++ b/src/bus-proxyd/bus-policy.c
@@ -611,11 +611,16 @@ struct policy_check_filter {
static int is_permissive(PolicyItem *i) {
+ assert(i);
+
return (i->type == POLICY_ITEM_ALLOW) ? ALLOW : DENY;
}
static int check_policy_item(PolicyItem *i, const struct policy_check_filter *filter) {
+ assert(i);
+ assert(filter);
+
switch (i->class) {
case POLICY_ITEM_SEND:
case POLICY_ITEM_RECV:
@@ -643,21 +648,29 @@ static int check_policy_item(PolicyItem *i, const struct policy_check_filter *fi
return is_permissive(i);
case POLICY_ITEM_OWN:
+ assert(filter->member);
+
if (streq(i->name, filter->member))
return is_permissive(i);
break;
case POLICY_ITEM_OWN_PREFIX:
+ assert(filter->member);
+
if (startswith(i->name, filter->member))
return is_permissive(i);
break;
case POLICY_ITEM_USER:
+ assert(filter->ucred);
+
if ((streq_ptr(i->name, "*") || (i->uid_valid && i->uid == filter->ucred->uid)))
return is_permissive(i);
break;
case POLICY_ITEM_GROUP:
+ assert(filter->ucred);
+
if ((streq_ptr(i->name, "*") || (i->gid_valid && i->gid == filter->ucred->gid)))
return is_permissive(i);
break;
@@ -675,6 +688,9 @@ static int check_policy_items(PolicyItem *items, const struct policy_check_filte
PolicyItem *i;
int r, ret = DUNNO;
+ assert(items);
+ assert(filter);
+
/* Check all policies in a set - a broader one might be followed by a more specific one,
* and the order of rules in policy definitions matters */
LIST_FOREACH(items, i, items) {
@@ -694,6 +710,9 @@ static int policy_check(Policy *p, const struct policy_check_filter *filter) {
PolicyItem *items;
int r;
+ assert(p);
+ assert(filter);
+
/*
* The policy check is implemented by the following logic:
*