comdatum = datum;
p = datap;
+ if (!comdatum->value || comdatum->value > p->p_commons.nprim)
+ return -EINVAL;
p->p_common_val_to_name[comdatum->value - 1] = key;
return 0;
}
cladatum = datum;
p = datap;
+ if (!cladatum->value || cladatum->value > p->p_classes.nprim)
+ return -EINVAL;
p->p_class_val_to_name[cladatum->value - 1] = key;
p->class_val_to_struct[cladatum->value - 1] = cladatum;
return 0;
role = datum;
p = datap;
+ if (!role->value || role->value > p->p_roles.nprim)
+ return -EINVAL;
p->p_role_val_to_name[role->value - 1] = key;
p->role_val_to_struct[role->value - 1] = role;
return 0;
typdatum = datum;
p = datap;
- if (typdatum->primary)
+ if (typdatum->primary) {
+ if (!typdatum->value || typdatum->value > p->p_types.nprim)
+ return -EINVAL;
p->p_type_val_to_name[typdatum->value - 1] = key;
+ }
return 0;
}
usrdatum = datum;
p = datap;
+ if (!usrdatum->value || usrdatum->value > p->p_users.nprim)
+ return -EINVAL;
p->p_user_val_to_name[usrdatum->value - 1] = key;
p->user_val_to_struct[usrdatum->value - 1] = usrdatum;
return 0;
struct role_datum *role;
struct user_datum *usrdatum;
- /*
- * Role must be authorized for the type.
- */
if (!c->role || c->role > p->p_roles.nprim)
return 0;
+ if (!c->user || c->user > p->p_users.nprim)
+ return 0;
+
+ if (!c->type || c->type > p->p_types.nprim)
+ return 0;
+
if (c->role != OBJECT_R_VAL) {
+ /*
+ * Role must be authorized for the type.
+ */
role = p->role_val_to_struct[c->role - 1];
if (!ebitmap_get_bit(&role->types,
c->type - 1))
/*
* User must be authorized for the role.
*/
- if (!c->user || c->user > p->p_users.nprim)
- return 0;
usrdatum = p->user_val_to_struct[c->user - 1];
if (!usrdatum)
return 0;