c->mask |= SD_BUS_CREDS_PPID;
} else if (item->pids.pid == 1) {
/* The structure doesn't
- * really distuingish the case
+ * really distinguish the case
* where a process has no
* parent and where we don't
* know it because it could
_cleanup_bus_creds_unref_ sd_bus_creds *c = NULL;
pid_t pid = 0;
int r;
+ bool do_label = bus->label && (mask & SD_BUS_CREDS_SELINUX_CONTEXT);
- if (!bus->ucred_valid && !isempty(bus->label))
+ /* Avoid allocating anything if we have no chance of returning useful data */
+ if (!bus->ucred_valid && !do_label)
return -ENODATA;
c = bus_creds_new();
}
}
- if (!isempty(bus->label) && (mask & SD_BUS_CREDS_SELINUX_CONTEXT)) {
+ if (do_label) {
c->label = strdup(bus->label);
if (!c->label)
return -ENOMEM;
}
case BUS_MATCH_ARG_PATH...BUS_MATCH_ARG_PATH_LAST: {
- char buf[sizeof("arg")-1 + 2 + sizeof("-slash-prefix")];
-
- xsprintf(buf, "arg%i-slash-prefix", c->type - BUS_MATCH_ARG_PATH);
- bloom_add_pair(bloom, bus->bloom_size, bus->bloom_n_hash, buf, c->value_str);
- using_bloom = true;
+ /*
+ * XXX: DBus spec defines arg[0..63]path= matching to be
+ * a two-way glob. That is, if either string is a prefix
+ * of the other, it matches.
+ * This is really hard to realize in bloom-filters, as
+ * we would have to create a bloom-match for each prefix
+ * of @c->value_str. This is excessive, hence we just
+ * ignore all those matches and accept everything from
+ * the kernel. People should really avoid those matches.
+ * If they're used in real-life some day, we will have
+ * to properly support multiple-matches here.
+ */
break;
}
~ianmdlvl / elogind.git / blobdiff