/**
 * Collect every filename type_transition rule of a policy that satisfies a
 * query.
 *
 * With t == NULL no filtering is applied and every rule yielded by the
 * policy's filename_trans iterator is returned. Otherwise candidate lists are
 * built from the query's source, target, default type and classes, and a rule
 * is kept only if it matches each list that was built. When
 * APOL_QUERY_SOURCE_AS_ANY is set together with a source symbol, the source
 * candidates are reused for the target and default positions and a rule is
 * kept if any one of the three positions matches.
 *
 * Neither p nor v is checked for NULL: *v is written and p->p is read
 * unconditionally, so callers must pass valid pointers.
 *
 * @param p Policy to search.
 * @param t Query describing the filter, or NULL to match everything.
 * @param v Receives a vector of matching rules; set to NULL first, and
 *          destroyed again before returning on failure. Created with
 *          apol_vector_create(NULL) -- presumably the elements remain owned
 *          by the policy; confirm before freeing them.
 *
 * @return 0 on success, -1 on failure.
 */
int apol_filename_trans_get_by_query(const apol_policy_t * p, const apol_filename_trans_query_t * t, apol_vector_t ** v)
{
	apol_vector_t *src_types = NULL, *tgt_types = NULL, *dflt_types = NULL, *wanted_classes = NULL;
	qpol_iterator_t *it = NULL;
	int rc = -1, source_as_any = 0, is_regex = 0;

	*v = NULL;

	if (t != NULL) {
		is_regex = t->flags & APOL_QUERY_REGEX;

		if (t->source != NULL) {
			src_types = apol_query_create_candidate_type_list(p, t->source, is_regex,
									  t->flags & APOL_QUERY_SOURCE_INDIRECT,
									  ((t->flags & (APOL_QUERY_SOURCE_TYPE | APOL_QUERY_SOURCE_ATTRIBUTE)) /
									   APOL_QUERY_SOURCE_TYPE));
			if (src_types == NULL) {
				goto cleanup;
			}
		}

		if ((t->flags & APOL_QUERY_SOURCE_AS_ANY) && t->source != NULL) {
			/* All three positions share one list; cleanup must free it only once. */
			tgt_types = src_types;
			dflt_types = src_types;
			source_as_any = 1;
		} else {
			if (t->target != NULL) {
				tgt_types = apol_query_create_candidate_type_list(p, t->target, is_regex,
										  t->flags & APOL_QUERY_TARGET_INDIRECT,
										  ((t->flags & (APOL_QUERY_TARGET_TYPE | APOL_QUERY_TARGET_ATTRIBUTE)) /
										   APOL_QUERY_TARGET_TYPE));
				if (tgt_types == NULL) {
					goto cleanup;
				}
			}
			if (t->default_type != NULL) {
				dflt_types = apol_query_create_candidate_type_list(p, t->default_type, is_regex, 0,
										   APOL_QUERY_SYMBOL_IS_TYPE);
				if (dflt_types == NULL) {
					goto cleanup;
				}
			}
		}

		if (t->classes != NULL && apol_vector_get_size(t->classes) > 0) {
			wanted_classes = apol_query_create_candidate_class_list(p, t->classes);
			if (wanted_classes == NULL) {
				goto cleanup;
			}
		}
	}

	if (qpol_policy_get_filename_trans_iter(p->p, &it) < 0) {
		goto cleanup;
	}

	*v = apol_vector_create(NULL);
	if (*v == NULL) {
		ERR(p, "%s", strerror(errno));
		goto cleanup;
	}

	for (; !qpol_iterator_end(it); qpol_iterator_next(it)) {
		qpol_filename_trans_t *rule;
		size_t pos;
		int src_hit, tgt_hit, dflt_hit;

		if (qpol_iterator_get_item(it, (void **)&rule) < 0) {
			goto cleanup;
		}

		/* Source position: an absent list matches everything. */
		src_hit = (src_types == NULL);
		if (!src_hit) {
			const qpol_type_t *source_type;

			if (qpol_filename_trans_get_source_type(p->p, rule, &source_type) < 0) {
				goto cleanup;
			}
			src_hit = (apol_vector_get_index(src_types, source_type, NULL, NULL, &pos) == 0);
		}

		/*
		 * In "source as any" mode a source miss is not final: the rule
		 * may still qualify through its target or default type.
		 */
		if (!(source_as_any || src_hit)) {
			continue;
		}

		/* Target position: skipped once "as any" mode already has a hit. */
		tgt_hit = (tgt_types == NULL) || (source_as_any && src_hit);
		if (!tgt_hit) {
			const qpol_type_t *target_type;

			if (qpol_filename_trans_get_target_type(p->p, rule, &target_type) < 0) {
				goto cleanup;
			}
			tgt_hit = (apol_vector_get_index(tgt_types, target_type, NULL, NULL, &pos) == 0);
		}
		if (!(source_as_any || tgt_hit)) {
			continue;
		}

		/* Default type position, with the same short-circuit. */
		dflt_hit = (dflt_types == NULL) || (source_as_any && (src_hit || tgt_hit));
		if (!dflt_hit) {
			const qpol_type_t *default_type;

			if (qpol_filename_trans_get_default_type(p->p, rule, &default_type) < 0) {
				goto cleanup;
			}
			dflt_hit = (apol_vector_get_index(dflt_types, default_type, NULL, NULL, &pos) == 0);
		}
		if (!(source_as_any || dflt_hit)) {
			continue;
		}

		/* "As any" mode needs at least one of the three positions to match. */
		if (source_as_any && !(src_hit || tgt_hit || dflt_hit)) {
			continue;
		}

		if (wanted_classes != NULL) {
			const qpol_class_t *obj_class;

			if (qpol_filename_trans_get_object_class(p->p, rule, &obj_class) < 0) {
				goto cleanup;
			}
			if (apol_vector_get_index(wanted_classes, obj_class, NULL, NULL, &pos) < 0) {
				continue;
			}
		}

		if (apol_vector_append(*v, rule)) {
			ERR(p, "%s", strerror(ENOMEM));
			goto cleanup;
		}
	}

	rc = 0;

cleanup:
	if (rc != 0) {
		apol_vector_destroy(v);
	}
	apol_vector_destroy(&src_types);
	if (!source_as_any) {
		/* In "as any" mode these alias src_types, which was destroyed above. */
		apol_vector_destroy(&tgt_types);
		apol_vector_destroy(&dflt_types);
	}
	apol_vector_destroy(&wanted_classes);
	qpol_iterator_destroy(&it);
	return rc;
}
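/**
 * Convert each filename type_transition rule of a result vector into a Python
 * dict and append it to list.
 *
 * Every dict carries the keys "type" (always "type_transition"), "source",
 * "target", "class" and "transtype". "filename" is added only when
 * qpol_filename_trans_get_filename() reports success; a failure of that one
 * getter is deliberately not treated as an error.
 *
 * @param policy Policy the rules in v belong to; must not be NULL.
 * @param v      Vector of qpol_filename_trans_t pointers; must not be NULL.
 * @param list   Python list that receives one dict per rule.
 *
 * @return NULL when v is empty (no Python exception is set on that path);
 *         list otherwise. On failure a RuntimeError built from errno is set,
 *         errno is restored, and list is still returned, so a non-NULL result
 *         does not by itself mean success.
 *
 * NOTE(review): both return paths differ from the usual CPython convention
 * (NULL if and only if an exception is set). Presumably callers check for a
 * pending exception themselves -- confirm before relying on the result.
 * NOTE(review): the message comes from errno; if a failing helper such as
 * PyDict_New() or py_insert_string() does not set errno, the text may not
 * describe the real failure -- confirm.
 */
static PyObject* get_ft_results(const apol_policy_t * policy, const apol_vector_t * v, PyObject *list)
{
	PyObject *dict = NULL;
	size_t i, num_filename_trans = 0;
	const char *tmp_name;
	int error = 0;
	int rt;
	const qpol_filename_trans_t *filename_trans = NULL;
	const qpol_class_t *obj_class = NULL;
	qpol_policy_t *q;
	const qpol_type_t *type = NULL;

	if (!policy || !v) {
		errno = EINVAL;
		goto err;
	}

	if (!(num_filename_trans = apol_vector_get_size(v)))
		return NULL;

	q = apol_policy_get_qpol(policy);

	for (i = 0; i < num_filename_trans; i++) {
		if (!(filename_trans = apol_vector_get_element(v, i)))
			goto err;

		dict = PyDict_New();
		if (!dict)
			goto err;

		if (py_insert_string(dict, "type", "type_transition"))
			goto err;

		/* source type */
		if (qpol_filename_trans_get_source_type(q, filename_trans, &type))
			goto err;
		if (qpol_type_get_name(q, type, &tmp_name))
			goto err;
		if (py_insert_string(dict, "source", tmp_name))
			goto err;

		/* target type */
		if (qpol_filename_trans_get_target_type(q, filename_trans, &type))
			goto err;
		if (qpol_type_get_name(q, type, &tmp_name))
			goto err;
		if (py_insert_string(dict, "target", tmp_name))
			goto err;

		/* object class */
		if (qpol_filename_trans_get_object_class(q, filename_trans, &obj_class))
			goto err;
		if (qpol_class_get_name(q, obj_class, &tmp_name))
			goto err;
		if (py_insert_string(dict, "class", tmp_name))
			goto err;

		/* default (resulting) type */
		if (qpol_filename_trans_get_default_type(q, filename_trans, &type))
			goto err;
		if (qpol_type_get_name(q, type, &tmp_name))
			goto err;
		if (py_insert_string(dict, "transtype", tmp_name))
			goto err;

		/* filename is optional: only a successful lookup adds the key */
		if (!qpol_filename_trans_get_filename(q, filename_trans, &tmp_name)) {
			if (py_insert_string(dict, "filename", tmp_name))
				goto err;
		}

		/*
		 * dict is cleared before rt is inspected so the error path does
		 * not drop the reference a second time; this presumes
		 * py_append_obj() disposes of it on both outcomes -- confirm.
		 */
		rt = py_append_obj(list, dict);
		dict = NULL;
		if (rt)
			goto err;
	}
	goto cleanup;

err:
	/* Save errno first: the calls below may overwrite it. */
	error = errno;
	PyErr_SetString(PyExc_RuntimeError, strerror(error));
	py_decref(dict);

cleanup:
	errno = error;
	return list;
}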
/**
 * Render a filename type_transition rule as a single line of text.
 *
 * The result has the shape
 *     type_transition SOURCE TARGET : CLASS DEFAULT "FILENAME";
 * and is assembled piece by piece with apol_str_appendf().
 *
 * NOTE(review): every name, including the filename placed between the double
 * quotes, is copied verbatim. Nothing here escapes quotes or control
 * characters, so code that parses or displays this string should not assume
 * the quoted field is free of them unless the policy loader guarantees it --
 * confirm.
 *
 * @param policy         Policy the rule belongs to; must not be NULL.
 * @param filename_trans Rule to render; must not be NULL.
 *
 * @return The rendered string (presumably to be released by the caller with
 *         free() -- confirm), or NULL with errno set on failure.
 */
char *apol_filename_trans_render(const apol_policy_t * policy, const qpol_filename_trans_t * filename_trans)
{
	char *text = NULL;
	size_t text_sz = 0;
	const char *name = NULL;
	const qpol_type_t *type = NULL;
	const qpol_class_t *obj_class = NULL;
	int saved_errno = 0;

	if (policy == NULL || filename_trans == NULL) {
		ERR(policy, "%s", strerror(EINVAL));
		errno = EINVAL;
		return NULL;
	}

	/* source type */
	if (qpol_filename_trans_get_source_type(policy->p, filename_trans, &type) ||
	    qpol_type_get_name(policy->p, type, &name)) {
		saved_errno = errno;
		goto fail;
	}
	if (apol_str_appendf(&text, &text_sz, "type_transition %s ", name)) {
		saved_errno = errno;
		ERR(policy, "%s", strerror(saved_errno));
		goto fail;
	}

	/* target type */
	if (qpol_filename_trans_get_target_type(policy->p, filename_trans, &type) ||
	    qpol_type_get_name(policy->p, type, &name)) {
		saved_errno = errno;
		goto fail;
	}
	if (apol_str_appendf(&text, &text_sz, "%s : ", name)) {
		saved_errno = errno;
		ERR(policy, "%s", strerror(saved_errno));
		goto fail;
	}

	/* object class */
	if (qpol_filename_trans_get_object_class(policy->p, filename_trans, &obj_class) ||
	    qpol_class_get_name(policy->p, obj_class, &name)) {
		saved_errno = errno;
		goto fail;
	}
	if (apol_str_appendf(&text, &text_sz, "%s ", name)) {
		saved_errno = errno;
		ERR(policy, "%s", strerror(saved_errno));
		goto fail;
	}

	/* default type */
	if (qpol_filename_trans_get_default_type(policy->p, filename_trans, &type) ||
	    qpol_type_get_name(policy->p, type, &name)) {
		saved_errno = errno;
		goto fail;
	}
	if (apol_str_appendf(&text, &text_sz, "%s", name)) {
		saved_errno = errno;
		ERR(policy, "%s", strerror(saved_errno));
		goto fail;
	}

	/* filename, emitted between double quotes exactly as stored */
	if (qpol_filename_trans_get_filename(policy->p, filename_trans, &name)) {
		saved_errno = errno;
		goto fail;
	}
	if (apol_str_appendf(&text, &text_sz, " \"%s\";", name)) {
		saved_errno = errno;
		ERR(policy, "%s", strerror(saved_errno));
		goto fail;
	}

	return text;

fail:
	/* Discard the partial string and report the errno captured at the failure site. */
	free(text);
	errno = saved_errno;
	return NULL;
}