if (program->tokens == NULL) {
goto fail;
}
- /*
- * When interpreting the program we will need a stack, which in the
- * very worst case can be as deep as the program is long.
- */
- program->stack = talloc_array(program,
- struct ace_condition_token,
- program->length + 1);
- if (program->stack == NULL) {
- goto fail;
- }
-
return program;
fail:
talloc_free(program);
struct ace_condition_token *lhs = NULL;
struct ace_condition_token *rhs = NULL;
struct ace_condition_token result = {};
+ struct ace_condition_token *stack = NULL;
bool ok;
+ /*
+ * When interpreting the program we will need a stack, which in the
+ * very worst case can be as deep as the program is long.
+ */
+ stack = talloc_array(mem_ctx,
+ struct ace_condition_token,
+ program->length + 1);
+ if (stack == NULL) {
+ goto error;
+ }
+
for (i = 0; i < program->length; i++) {
struct ace_condition_token *tok = &program->tokens[i];
switch (tok->type) {
case CONDITIONAL_ACE_TOKEN_SID:
case CONDITIONAL_ACE_TOKEN_COMPOSITE:
/* just plonk these literals on the stack */
- program->stack[depth] = *tok;
+ stack[depth] = *tok;
depth++;
break;
if (! ok) {
goto error;
}
- program->stack[depth] = result;
+ stack[depth] = result;
depth++;
break;
if (! ok) {
goto error;
}
- program->stack[depth] = result;
+ stack[depth] = result;
depth++;
break;
goto error;
}
depth--;
- lhs = &program->stack[depth];
+ lhs = &stack[depth];
ok = member_lookup(token, tok, lhs, &result);
if (! ok) {
goto error;
}
- program->stack[depth] = result;
+ stack[depth] = result;
depth++;
break;
/* binary relational operators */
goto error;
}
depth--;
- rhs = &program->stack[depth];
+ rhs = &stack[depth];
depth--;
- lhs = &program->stack[depth];
+ lhs = &stack[depth];
ok = relational_operator(token, tok, lhs, rhs, &result);
if (! ok) {
goto error;
}
- program->stack[depth] = result;
+ stack[depth] = result;
depth++;
break;
/* unary logical operators */
goto error;
}
depth--;
- lhs = &program->stack[depth];
+ lhs = &stack[depth];
ok = unary_logic_operator(mem_ctx, token, tok, lhs, sd, &result);
if (!ok) {
goto error;
}
- program->stack[depth] = result;
+ stack[depth] = result;
depth++;
break;
/* binary logical operators */
goto error;
}
depth--;
- rhs = &program->stack[depth];
+ rhs = &stack[depth];
depth--;
- lhs = &program->stack[depth];
+ lhs = &stack[depth];
ok = binary_logic_operator(token, tok, lhs, rhs, &result);
if (! ok) {
goto error;
}
- program->stack[depth] = result;
+ stack[depth] = result;
depth++;
break;
default:
if (depth != 1) {
goto error;
}
- result = program->stack[0];
+ result = stack[0];
if (result.type != CONDITIONAL_ACE_SAMBA_RESULT_BOOL) {
goto error;
}
-
+ TALLOC_FREE(stack);
return result.data.result.value;
error:
* the result of an error is always UNKNOWN, which should be
* interpreted pessimistically, not allowing access.
*/
+ TALLOC_FREE(stack);
return ACE_CONDITION_UNKNOWN;
}
TALLOC_FREE(program);
return false;
}
- program->stack = talloc_array(program,
- struct ace_condition_token,
- max_stack + 1);
- if (program->stack == NULL) {
+ comp->program = program;
+ comp->stack = talloc_array(program,
+ struct ace_condition_token,
+ max_stack + 1);
+ if (comp->stack == NULL) {
TALLOC_FREE(program);
return false;
}
- comp->program = program;
- /* we can borrow the program stack for the operator stack */
- comp->stack = program->stack;
comp->target = program->tokens;
comp->target_len = &program->length;
comp->length = strlen(sddl);
projects / thirdparty / samba.git / commitdiff
