
Commit c071dfb

committed
Improved freeing process of the env_values array.
Extracted the process into a function and called it where it was missing.
1 parent 24ace42 commit c071dfb


1 file changed

+22
-21
lines changed


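--- a/src/SCE/sce_engine.c
+++ b/src/SCE/sce_engine.c
@@ -346,6 +346,15 @@ static void _pipe_try_read_into_string(int fd, struct oscap_string *string, bool
 }
 }
 
+
+static void free_env_values(char **env_values, size_t index_of_first_env_value_not_compiled_in, size_t real_env_values_count) {
+for (i = index_of_first_env_value_not_compiled_in; i < real_env_values_count; i++) {
+free(env_values[i]);
+}
+free(env_values);
+}
+
+
 xccdf_test_result_type_t sce_engine_eval_rule(struct xccdf_policy *policy, const char *rule_id, const char *id, const char *href,
 struct xccdf_value_binding_iterator *value_binding_it,
 struct xccdf_check_import_iterator *check_import_it,
@@ -390,6 +399,7 @@ xccdf_test_result_type_t sce_engine_eval_rule(struct xccdf_policy *policy, const
 // bound values in KEY=VALUE form, ready to be passed as environment variables
 char ** env_values = malloc(10 * sizeof(char * ));
 size_t env_value_count = 10;
+const size_t index_of_first_env_value_not_compiled_in = 10;
 
 env_values[0] = "PATH=/bin:/sbin:/usr/bin:/usr/sbin";
 
@@ -488,12 +498,7 @@ xccdf_test_result_type_t sce_engine_eval_rule(struct xccdf_policy *policy, const
 if (pipe(stdout_pipefd) == -1 || pipe(stderr_pipefd) == -1)
 {
 perror("pipe");
-// the first 9 values (0 to 8) are compiled in
-for (size_t i = 9; i < env_value_count; ++i)
-{
-free(env_values[i]);
-}
-free(env_values);
+free_env_values(env_values, index_of_first_env_value_not_compiled_in, env_value_count);
 return XCCDF_RESULT_ERROR;
 }
 
@@ -507,9 +512,11 @@ xccdf_test_result_type_t sce_engine_eval_rule(struct xccdf_policy *policy, const
 
 if (fork_result == 0)
 {
-// we won't read from the pipes, so close the reading fd
-close(stdout_pipefd[0]);
-close(stderr_pipefd[0]);
+free_env_values(env_values, index_of_first_env_value_not_compiled_in, env_value_count);
+
+// we won't read from the pipes, so close the reading fd
+close(stdout_pipefd[0]);
+close(stderr_pipefd[0]);
 
 // forward stdout and stderr to our custom opened pipes
 dup2(stdout_pipefd[1], fileno(stdout));
@@ -550,13 +557,15 @@ xccdf_test_result_type_t sce_engine_eval_rule(struct xccdf_policy *policy, const
 if (flag_stdout == -1) {
 oscap_seterr(OSCAP_EFAMILY_SCE, "Failed to obtain status of stdout pipe: %s",
 strerror(errno));
+free_env_values(env_values, index_of_first_env_value_not_compiled_in, env_value_count);
 return XCCDF_RESULT_ERROR;
 }
 int retval = fcntl(stdout_pipefd[0], F_SETFL, flag_stdout | O_NONBLOCK);
 if (retval == -1) {
 oscap_seterr(OSCAP_EFAMILY_SCE,
 "Failed to set nonblocking flag on stdout pipe: %s",
 strerror(errno));
+free_env_values(env_values, index_of_first_env_value_not_compiled_in, env_value_count);
 return XCCDF_RESULT_ERROR;
 }
 
@@ -565,13 +574,15 @@ xccdf_test_result_type_t sce_engine_eval_rule(struct xccdf_policy *policy, const
 oscap_seterr(OSCAP_EFAMILY_SCE,
 "Failed to obtain status of stderr pipe: %s",
 strerror(errno));
+free_env_values(env_values, index_of_first_env_value_not_compiled_in, env_value_count);
 return XCCDF_RESULT_ERROR;
 }
 retval = fcntl(stderr_pipefd[0], F_SETFL, flag_stderr | O_NONBLOCK);
 if (retval == -1) {
 oscap_seterr(OSCAP_EFAMILY_SCE,
 "Failed to set nonblocking flag on stderr pipe: %s",
 strerror(errno));
+free_env_values(env_values, index_of_first_env_value_not_compiled_in, env_value_count);
 return XCCDF_RESULT_ERROR;
 }
 
@@ -630,12 +641,7 @@ xccdf_test_result_type_t sce_engine_eval_rule(struct xccdf_policy *policy, const
 sce_session_add_check_result(session, check_result);
 }
 
-// the first 10 values (0 to 9) are compiled in
-for (size_t i = 10; i < env_value_count; ++i)
-{
-free(env_values[i]);
-}
-free(env_values);
+free_env_values(env_values, index_of_first_env_value_not_compiled_in, env_value_count);
 
 // lets interpret the check imports passed to us
 xccdf_check_import_iterator_reset(check_import_it);
@@ -663,12 +669,7 @@ xccdf_test_result_type_t sce_engine_eval_rule(struct xccdf_policy *policy, const
 }
 else
 {
-// the first 9 values (0 to 8) are compiled in
-for (size_t i = 9; i < env_value_count; ++i)
-{
-free(env_values[i]);
-}
-free(env_values);
+free_env_values(env_values, index_of_first_env_value_not_compiled_in, env_value_count);
 
 close(stdout_pipefd[0]);
 close(stdout_pipefd[1]);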
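Review bot: In the `fork_result == 0` branch, `free_env_values(env_values, ...)` is now the first statement the child executes, and the rest of that branch lies outside the hunk. If the child goes on to pass `env_values` to an exec call, as the declaration comment ("ready to be passed as environment variables") suggests, the array is used after it has been freed; drop the call from the child, or move it to the path taken after a failed exec, since a successful exec discards the heap anyway. The new helper also uses `i` without declaring it, so unless a file-scope `i` exists the loop should read `for (size_t i = index_of_first_env_value_not_compiled_in; i < real_env_values_count; i++) {`. The removed loops started at 9 in two places and at 10 in one, so the unified start index of 10 should be checked against the number of entries that really are string literals: a start index that is too low frees a literal, one that is too high leaks an allocation.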
