On 06/30/2014 04:12 PM, Namhyung Kim wrote:
> It seems context_new() and _free() are used for checking validity of
> a specified context. The libselinux provides security_check_context
> for this purpose so use it.
>
> Note that context_new() can fail for a valid context - e.g. ENOMEM.
>
> * src/chcon.c (main): Use security_check_context().
> ---
> src/chcon.c | 5 +----
> 1 file changed, 1 insertion(+), 4 deletions(-)
>
> diff --git a/src/chcon.c b/src/chcon.c
> index 32d4b0f..cd5fba3 100644
> --- a/src/chcon.c
> +++ b/src/chcon.c
> @@ -555,13 +555,10 @@ main (int argc, char **argv)
> }
> else
> {
> - context_t context;
> specified_context = argv[optind++];
> - context = context_new (specified_context);
> - if (!context)
> + if (security_check_context (specified_context) < 0)
> error (EXIT_FAILURE, 0, _("invalid context: %s"),
> quotearg_colon (specified_context));
> - context_free (context);
> }
>
> if (reference_file && component_specified)
>
security_check_context() is already used by `runcon`,
so this change looks good to me.
