From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 18 Oct 2018 14:10:37 +0000 (+0200)
Subject: ima-setup: FOREACH_LINE excorcism
X-Git-Tag: v240~513^2~18
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2452419b3ac4926c27861b694439f70964d6f5c6;p=thirdparty%2Fsystemd.git

ima-setup: FOREACH_LINE excorcism
---

diff --git a/src/core/ima-setup.c b/src/core/ima-setup.c
index 013d6c5de33..0f9805acb3e 100644
--- a/src/core/ima-setup.c
+++ b/src/core/ima-setup.c
@@ -7,6 +7,8 @@
 #include <errno.h>
 #include <unistd.h>
 
+#include "alloc-util.h"
+#include "def.h"
 #include "fd-util.h"
 #include "fileio.h"
 #include "ima-setup.h"
@@ -22,7 +24,7 @@ int ima_setup(void) {
         _cleanup_fclose_ FILE *input = NULL;
         _cleanup_close_ int imafd = -1;
         unsigned lineno = 0;
-        char line[page_size()];
+        int r;
 
         if (access(IMA_SECFS_DIR, F_OK) < 0) {
                 log_debug("IMA support is disabled in the kernel, ignoring.");
@@ -64,10 +66,16 @@ int ima_setup(void) {
                 return 0;
         }
 
-        FOREACH_LINE(line, input,
-                     return log_error_errno(errno, "Failed to read the IMA custom policy file "IMA_POLICY_PATH": %m")) {
+        for (;;) {
+                _cleanup_free_ char *line = NULL;
                 size_t len;
 
+                r = read_line(input, LONG_LINE_MAX, &line);
+                if (r < 0)
+                        return log_error_errno(r, "Failed to read the IMA custom policy file "IMA_POLICY_PATH": %m");
+                if (r == 0)
+                        break;
+
                 len = strlen(line);
                 lineno++;