From nobody@FreeBSD.org  Tue Oct  2 16:29:47 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 57FBB106566B
	for <freebsd-gnats-submit@FreeBSD.org>; Tue,  2 Oct 2012 16:29:47 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 4180B8FC16
	for <freebsd-gnats-submit@FreeBSD.org>; Tue,  2 Oct 2012 16:29:47 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.5/8.14.5) with ESMTP id q92GTktL015108
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 2 Oct 2012 16:29:46 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.5/8.14.5/Submit) id q92GTk9V015107;
	Tue, 2 Oct 2012 16:29:46 GMT
	(envelope-from nobody)
Message-Id: <201210021629.q92GTk9V015107@red.freebsd.org>
Date: Tue, 2 Oct 2012 16:29:46 GMT
From: "Daniel U. Thibault" <daniel.thibault@drdc-rddc.gc.ca>
To: freebsd-gnats-submit@FreeBSD.org
Subject: OpenBSM-21/openbsm/libbsm/bsm_token.c au_to_socket_ex comments contradicted by code
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         172277
>Category:       kern
>Synopsis:       [openbsm] OpenBSM-21/openbsm/libbsm/bsm_token.c au_to_socket_ex comments contradicted by code
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 02 16:30:25 UTC 2012
>Closed-Date:    
>Last-Modified:  Fri Oct 05 03:11:22 UTC 2012
>Originator:     Daniel U. Thibault
>Release:        
>Organization:
DRDC Valcartier
>Environment:
>Description:
The au_to_socket_ex function of bsm_token.c (a component of the current libbsm implementation) reads in part:

/*
[...]
 * Domain and type arguments to this routine are assumed to already have been
 * converted to the BSM constant space, so we don't do that here.
 */
token_t *
au_to_socket_ex(u_short so_domain, u_short so_type,
    struct sockaddr *sa_local, struct sockaddr *sa_remote)
{
[...]
	ADD_U_INT16(dptr, au_domain_to_bsm(so_domain));
	ADD_U_INT16(dptr, au_socket_type_to_bsm(so_type));

The documentation claims the socket domain and type are assumed already converted to the BSM constant space, but the code invokes au_domain_to_bsm and au_socket_type_to_bsm, two functions (bsm_domain.c) which, unless I'm very much mistaken, actually do convert from the local domain to the BSM domain.

Either the documentation needs to be corrected, or the code is wrong.
>How-To-Repeat:
Look up http://www.opensource.apple.com/source/OpenBSM/OpenBSM-21/openbsm/libbsm/bsm_token.c and http://www.opensource.apple.com/source/OpenBSM/OpenBSM-21/openbsm/libbsm/bsm_domain.c and search for au_to_socket_ex, au_domain_to_bsm and au_socket_type_to_bsm.
>Fix:
If the documentation is to be fixed, change the au_to_socket_ex preamble to conclude with:

 * Domain and type arguments to this routine are assumed to be in the local
 * constant space; they are converted to the BSM constant space before
 * incorporation in the token.
 */


>Release-Note:
>Audit-Trail:
>Unformatted:
