Refactor yyparse_wrapper()

Check that the expected file type got parsed

Author: cgzones

src/parse.y

@@ -37,11 +37,12 @@
 	// local variables
 	static const char *parsing_filename;
 	static struct policy_node *cur;
+	static enum node_flavor expected_node_flavor;
 %}
 
 %code provides {
 	// global prototype
-	int yyparse_wrapper(FILE *filefd, const char *filename, struct policy_node **ast);
+	struct policy_node *yyparse_wrapper(FILE *filefd, const char *filename, enum node_flavor expected_flavor);
 }
 
 %union {
@@ -194,9 +195,19 @@ comment:
 
 
 header:
-	POLICY_MODULE OPEN_PAREN STRING COMMA header_version CLOSE_PAREN { insert_header(&cur, $3, HEADER_MACRO, yylineno); free($3); } // Version number isn't needed
+	POLICY_MODULE OPEN_PAREN STRING COMMA header_version CLOSE_PAREN {
+			if (expected_node_flavor != NODE_TE_FILE) {
+				free($3);
+				yyerror("Error: Unexpected te-file parsed"); YYERROR;
+			}
+			insert_header(&cur, $3, HEADER_MACRO, yylineno); free($3); } // Version number isn't needed
 	|
-	MODULE STRING header_version SEMICOLON { insert_header(&cur, $2, HEADER_BARE, yylineno); free($2); }
+	MODULE STRING header_version SEMICOLON {
+			if (expected_node_flavor != NODE_TE_FILE) {
+				free($2);
+				yyerror("Error: Unexpected te-file parsed"); YYERROR;
+			}
+			insert_header(&cur, $2, HEADER_BARE, yylineno); free($2); }
 	;
 
 header_version:
@@ -776,9 +787,11 @@ if_line:
 	;
 
 interface_def:
-	start_interface lines end_interface
+	start_interface { if (expected_node_flavor != NODE_IF_FILE) { yyerror("Error: Unexpected if-file parsed"); YYERROR; } }
+	lines end_interface
 	|
-	start_interface end_interface
+	start_interface { if (expected_node_flavor != NODE_IF_FILE) { yyerror("Error: Unexpected if-file parsed"); YYERROR; } }
+	end_interface
 	;
 
 start_interface:
@@ -816,6 +829,10 @@ spt_line:
 
 support_def:
 	DEFINE OPEN_PAREN BACKTICK STRING SINGLE_QUOTE COMMA BACKTICK string_list SINGLE_QUOTE CLOSE_PAREN {
+			if (expected_node_flavor != NODE_SPT_FILE) {
+				free($4); free_string_list($8);
+				yyerror("Error: Unexpected spt-file parsed"); YYERROR;
+			}
 			if (ends_with($4, strlen($4), "_perms", strlen("_perms"))) {
 				insert_into_permmacros_map($4, $8);
 			} else {
@@ -824,6 +841,10 @@ support_def:
 			free($4); }
 	|
 	DEFINE OPEN_PAREN BACKTICK STRING SINGLE_QUOTE COMMA BACKTICK string_list refpolicywarn SINGLE_QUOTE CLOSE_PAREN {
+			if (expected_node_flavor != NODE_SPT_FILE) {
+				free($4); free_string_list($8);
+				yyerror("Error: Unexpected spt-file parsed"); YYERROR;
+			}
 			free($4); free_string_list($8); } // do not import
 	;
 
@@ -844,11 +865,19 @@ void yyerror(const char* s) {
 	free_check_result(res);
 }
 
-int yyparse_wrapper(FILE *filefd, const char *filename, struct policy_node **ast) {
+struct policy_node *yyparse_wrapper(FILE *filefd, const char *filename, enum node_flavor expected_flavor) {
+	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
+	ast->flavor = expected_node_flavor = expected_flavor;
 	yyrestart(filefd);
 	yylineno = 1;
 	parsing_filename = filename;
-	cur = *ast;
+	cur = ast;
+
+	if (0 != yyparse()) {
+		// parser will have printed an error message
+		free_policy_node(ast);
+		return NULL;
+	}
 
-	return yyparse();
+	return ast;
 }

src/runner.c

@@ -32,8 +32,6 @@
 struct policy_node *parse_one_file(const char *filename, enum node_flavor flavor)
 {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
-	ast->flavor = flavor;
 	char *copy = strdup(filename);
 	char *mod_name = basename(copy);
 	mod_name[strlen(mod_name) - 3] = '\0'; // Remove suffix
@@ -43,14 +41,10 @@ struct policy_node *parse_one_file(const char *filename, enum node_flavor flavor
 	FILE *f = fopen(filename, "r");
 	if (!f) {
 		printf("Error opening %s\n", filename);
-		free_policy_node(ast);
-		return NULL;
-	}
-	if (0 != yyparse_wrapper(f, filename, &ast)) {
-		free_policy_node(ast);
-		fclose(f);
 		return NULL;
 	}
+
+	struct policy_node *ast = yyparse_wrapper(f, filename, flavor);
 	fclose(f);
 
 	// dont run cleanup_parsing until everything is done because it frees the maps

src/startup.c

@@ -137,24 +137,19 @@ enum selint_error load_modules_source(const char *modules_conf_path)
 
 enum selint_error load_obj_perm_sets_source(const char *obj_perm_sets_path)
 {
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
-	ast->flavor = NODE_SPT_FILE;
-
 	FILE *f = fopen(obj_perm_sets_path, "r");
 	if (!f) {
-		free_policy_node(ast);
 		return SELINT_IO_ERROR;
 	}
 
-	if (0 != yyparse_wrapper(f, obj_perm_sets_path, &ast)) {
-		free_policy_node(ast);
-		fclose(f);
+	struct policy_node *ast = yyparse_wrapper(f, obj_perm_sets_path, NODE_SPT_FILE);
+	fclose(f);
+
+	if (ast == NULL) {
 		return SELINT_PARSE_ERROR;
 	}
 
 	free_policy_node(ast);
-	fclose(f);
-
 	return SELINT_SUCCESS;
 }
 

tests/check_parsing.c

@@ -34,13 +34,12 @@
 
 START_TEST (test_parse_basic_te) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
-	ast->flavor = NODE_TE_FILE;
 	set_current_module_name("basic");
 
 	FILE *f = fopen(BASIC_TE_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(0, yyparse_wrapper(f, BASIC_TE_FILENAME, &ast));
+	struct policy_node *ast = yyparse_wrapper(f, BASIC_TE_FILENAME, NODE_TE_FILE);
+	ck_assert_ptr_nonnull(ast);
 
 	struct policy_node *current = ast;
 
@@ -100,13 +99,12 @@ END_TEST
 
 START_TEST (test_parse_basic_if) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
-	ast->flavor = NODE_IF_FILE;
 	set_current_module_name("basic");
 
 	FILE *f = fopen(BASIC_IF_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(0, yyparse_wrapper(f, BASIC_IF_FILENAME, &ast));
+	struct policy_node *ast = yyparse_wrapper(f, BASIC_IF_FILENAME, NODE_IF_FILE);
+	ck_assert_ptr_nonnull(ast);
 
 	struct policy_node *current = ast;
 
@@ -180,12 +178,12 @@ END_TEST
 
 START_TEST (test_parse_uncommon_constructs) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
 	set_current_module_name("uncommon");
 
 	FILE *f = fopen(UNCOMMON_TE_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(0, yyparse_wrapper(f, UNCOMMON_TE_FILENAME, &ast));
+	struct policy_node *ast = yyparse_wrapper(f, UNCOMMON_TE_FILENAME, NODE_TE_FILE);
+	ck_assert_ptr_nonnull(ast);
 
 	ck_assert_ptr_nonnull(ast);
 
@@ -197,12 +195,12 @@ END_TEST
 
 START_TEST (test_parse_blocks) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
 	set_current_module_name("blocks");
 
 	FILE *f = fopen(BLOCKS_TE_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(0, yyparse_wrapper(f, BLOCKS_TE_FILENAME, &ast));
+	struct policy_node *ast = yyparse_wrapper(f, BLOCKS_TE_FILENAME, NODE_TE_FILE);
+	ck_assert_ptr_nonnull(ast);
 
 	ck_assert_ptr_nonnull(ast);
 
@@ -234,13 +232,11 @@ END_TEST
 
 START_TEST (test_parse_empty_file) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
 	set_current_module_name("empty");
 
 	FILE *f = fopen(EMPTY_TE_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(0, yyparse_wrapper(f, EMPTY_TE_FILENAME, &ast));
-
+	struct policy_node *ast = yyparse_wrapper(f, EMPTY_TE_FILENAME, NODE_TE_FILE);
 	ck_assert_ptr_nonnull(ast);
 
 	ck_assert_int_eq(NODE_EMPTY, ast->flavor);
@@ -256,14 +252,12 @@ END_TEST
 
 START_TEST (test_syntax_error) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
 	set_current_module_name("syntax_error");
 
 	FILE *f = fopen(SYNTAX_ERROR_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(1, yyparse_wrapper(f, SYNTAX_ERROR_FILENAME, &ast));
+	ck_assert_ptr_null(yyparse_wrapper(f, SYNTAX_ERROR_FILENAME, NODE_TE_FILE));
 
-	free_policy_node(ast);
 	cleanup_parsing();
 	fclose(f);
 
@@ -272,14 +266,12 @@ END_TEST
 
 START_TEST (test_parse_bad_role_allow) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
 	set_current_module_name("bad_ra");
 
 	FILE *f = fopen(BAD_RA_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(1, yyparse_wrapper(f, BAD_RA_FILENAME, &ast));
+	ck_assert_ptr_null(yyparse_wrapper(f, BAD_RA_FILENAME, NODE_TE_FILE));
 
-	free_policy_node(ast);
 	cleanup_parsing();
 	fclose(f);
 
@@ -288,12 +280,12 @@ END_TEST
 
 START_TEST (test_disable_comment) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
 	set_current_module_name("disable_comment");
 
 	FILE *f = fopen(DISABLE_COMMENT_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(0, yyparse_wrapper(f, DISABLE_COMMENT_FILENAME, &ast));
+	struct policy_node *ast = yyparse_wrapper(f, DISABLE_COMMENT_FILENAME, NODE_TE_FILE);
+	ck_assert_ptr_nonnull(ast);
 
 	ck_assert_ptr_nonnull(ast);
 	ck_assert_int_eq(NODE_TE_FILE, ast->flavor);
@@ -314,12 +306,12 @@ END_TEST
 
 START_TEST (test_bool_declarations) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
 	set_current_module_name("bool_declarations");
 
 	FILE *f = fopen(BOOL_DECLARATION_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(0, yyparse_wrapper(f, BOOL_DECLARATION_FILENAME, &ast));
+	struct policy_node *ast = yyparse_wrapper(f, BOOL_DECLARATION_FILENAME, NODE_TE_FILE);
+	ck_assert_ptr_nonnull(ast);
 
 	struct policy_node *current = ast;
 
@@ -435,6 +427,20 @@ START_TEST (test_bool_declarations) {
 }
 END_TEST
 
+START_TEST (test_file_flavor_mismatch) {
+
+	set_current_module_name("basic");
+
+	FILE *f = fopen(BASIC_TE_FILENAME, "r");
+	ck_assert_ptr_nonnull(f);
+	ck_assert_ptr_null(yyparse_wrapper(f, BASIC_TE_FILENAME, NODE_IF_FILE));
+
+	cleanup_parsing();
+	fclose(f);
+
+}
+END_TEST
+
 Suite *parsing_suite(void) {
 	Suite *s;
 	TCase *tc_core;
@@ -452,6 +458,7 @@ Suite *parsing_suite(void) {
 	tcase_add_test(tc_core, test_parse_bad_role_allow);
 	tcase_add_test(tc_core, test_disable_comment);
 	tcase_add_test(tc_core, test_bool_declarations);
+	tcase_add_test(tc_core, test_file_flavor_mismatch);
 	suite_add_tcase(s, tc_core);
 
 	return s;

tests/check_template.c

@@ -169,13 +169,12 @@ END_TEST
 
 START_TEST (test_nested_template_declarations) {
 
-	struct policy_node *ast = calloc(1, sizeof(struct policy_node));
-	ast->flavor = NODE_IF_FILE;
 	set_current_module_name("nested");
 
 	FILE *f = fopen(NESTED_IF_FILENAME, "r");
 	ck_assert_ptr_nonnull(f);
-	ck_assert_int_eq(0, yyparse_wrapper(f, NESTED_IF_FILENAME, &ast));
+	struct policy_node *ast = yyparse_wrapper(f, NESTED_IF_FILENAME, NODE_IF_FILE);
+	ck_assert_ptr_nonnull(ast);
 	fclose(f);
 
 	struct string_list *called_args = calloc(1,sizeof(struct string_list));
@@ -204,24 +203,20 @@ END_TEST
 START_TEST (test_declaring_template) {
 
 	// setup
-	struct policy_node *ast_if = calloc(1, sizeof(struct policy_node));
-	ck_assert_ptr_nonnull(ast_if);
-	ast_if->flavor = NODE_IF_FILE;
 	set_current_module_name("declaring_template_if");
 
 	FILE *f_if = fopen(DECLARING_IF_FILENAME, "r");
 	ck_assert_ptr_nonnull(f_if);
-	ck_assert_int_eq(0, yyparse_wrapper(f_if, DECLARING_IF_FILENAME, &ast_if));
+	struct policy_node *ast_if = yyparse_wrapper(f_if, DECLARING_IF_FILENAME, NODE_IF_FILE);
+	ck_assert_ptr_nonnull(ast_if);
 	fclose(f_if);
 
-	struct policy_node *ast_te = calloc(1, sizeof(struct policy_node));
-	ck_assert_ptr_nonnull(ast_te);
-	ast_te->flavor = NODE_IF_FILE;
 	set_current_module_name("declaring_template_te");
 
 	FILE *f_te = fopen(DECLARING_TE_FILENAME, "r");
 	ck_assert_ptr_nonnull(f_te);
-	ck_assert_int_eq(0, yyparse_wrapper(f_te, DECLARING_TE_FILENAME, &ast_te));
+	struct policy_node *ast_te = yyparse_wrapper(f_te, DECLARING_TE_FILENAME, NODE_TE_FILE);
+	ck_assert_ptr_nonnull(ast_te);
 	fclose(f_te);
 
 	// checks