Bah, the whole using linux/socket.h get AF_* tokens versus sys/socket.h

thing again. Fix to use the kernel's definition of AF_MAX in linux/socket.h if it's larger than glibc's AF_MAX definition in sys/socket.h and add a wrapper function so that we don't have include af_names.h everywhere. Also, fix memory leaks around the handling of network entries of policies.
2025-08-30 22:05:27 +00:00 · 2009-07-24 17:24:41 +00:00
parent 098598c98d
commit b8cde97ab7
6 changed files with 42 additions and 16 deletions
--- a/parser/parser_misc.c
+++ b/parser/parser_misc.c
@@ -236,6 +236,22 @@ static struct network_tuple network_mappings[] = {
 	{NULL, 0, NULL, 0, NULL, 0}
 };

+/* Yuck. We grab AF_* values to define above from linux/socket.h because
+ * they are more accurate than sys/socket.h for what the kernel actually
+ * supports. However, we can't just include linux/socket.h directly,
+ * because the AF_* definitions are protected with an ifdef KERNEL
+ * wrapper, but we don't want to define that because that can cause
+ * other redefinitions from glibc. However, because the kernel may have
+ * more definitions than glibc, we need make sure AF_MAX reflects this,
+ * hence the wrapping function.
+ */
+size_t get_af_max() {
+#if AA_AF_MAX > AF_MAX
+	return AA_AF_MAX;
+#else
+	return AF_MAX;
+#endif
+}
 struct aa_network_entry *new_network_ent(unsigned int family,
 					 unsigned int type,
 					 unsigned int protocol)