Remove MLIB from PP header (#118)

jeronstone · web-flow · commit 740079a9ebb6 · 2025-09-18T11:30:36.000-04:00
* pp mlib changes

* format

* strcpy security fix w #define

* strnlen

* apply format

* add bslp to define

* docs + formatting

* fix symbol

* docs

* format

* off by 1

* test policyrule description limit

* format
diff --git a/src/policy_provider/SamplePolicyProvider.c b/src/policy_provider/SamplePolicyProvider.c
@@ -27,12 +27,24 @@
  */
 #include <stddef.h>
 #include <stdlib.h>
-
-#include <BPSecLib_Private.h>
+#include <string.h>
 #include <sys/types.h>
+#include <m-array.h>
 
+#include <BPSecLib_Private.h>
 #include "SamplePolicyProvider.h"
 
+/** @struct BSLP_SecOperPtrList_t
+ * Defines a basic list of ::BSL_SecOper_t pointers.
+ */
+/// @cond Doxygen_Suppress
+// NOLINTBEGIN
+// GCOV_EXCL_START
+M_ARRAY_DEF(BSLP_SecOperPtrList, BSL_SecOper_t *, M_PTR_OPLIST)
+// GCOV_EXCL_STOP
+// NOLINTEND
+/// @endcond
+
 static bool BSLP_PolicyProvider_IsConsistent(const BSLP_PolicyProvider_t *self)
 {
     ASSERT_ARG_NONNULL(self);
@@ -164,15 +176,15 @@ int BSLP_QueryPolicy(const void *user_data, BSL_SecurityActionSet_t *output_acti
         const BSLP_PolicyRule_t *rule = &self->rules[index];
         if (!BSLP_PolicyRule_IsConsistent(rule))
         {
-            BSL_LOG_ERR("Rule `%s` is not consistent", m_string_get_cstr(rule->description));
+            BSL_LOG_ERR("Rule `%s` is not consistent", rule->description);
             continue;
         }
-        BSL_LOG_DEBUG("Evaluating against rule `%s`", m_string_get_cstr(rule->description));
+        BSL_LOG_DEBUG("Evaluating against rule `%s`", rule->description);
 
         if (!BSLP_PolicyPredicate_IsMatch(rule->predicate, location, primary_block.field_src_node_id,
                                           primary_block.field_dest_eid))
         {
-            BSL_LOG_DEBUG("Rule `%s` not a match", m_string_get_cstr(rule->description));
+            BSL_LOG_DEBUG("Rule `%s` not a match", rule->description);
             continue;
         }
 
@@ -258,7 +270,7 @@ int BSLP_QueryPolicy(const void *user_data, BSL_SecurityActionSet_t *output_acti
             BSL_LOG_INFO("append to end");
             BSLP_SecOperPtrList_push_back(secops, sec_oper);
         }
-        BSL_LOG_INFO("Created sec operation for rule `%s`", m_string_get_cstr(rule->description));
+        BSL_LOG_INFO("Created sec operation for rule `%s`", rule->description);
     }
     BSL_PrimaryBlock_deinit(&primary_block);
 
@@ -408,7 +420,12 @@ int BSLP_PolicyRule_Init(BSLP_PolicyRule_t *self, const char *desc, BSLP_PolicyP
 {
     ASSERT_ARG_NONNULL(self);
     memset(self, 0, sizeof(*self));
-    string_init_set_str(self->description, desc);
+
+    size_t desc_sz    = strnlen(desc, BSLP_POLICYPREDICATE_ARRAY_CAPACITY);
+    self->description = BSL_MALLOC(desc_sz + 1);
+    strncpy(self->description, desc, desc_sz);
+    self->description[desc_sz] = '\0';
+
     self->sec_block_type    = sec_block_type;
     self->target_block_type = target_block_type;
     self->predicate         = predicate;
@@ -424,9 +441,8 @@ int BSLP_PolicyRule_Init(BSLP_PolicyRule_t *self, const char *desc, BSLP_PolicyP
 void BSLP_PolicyRule_Deinit(BSLP_PolicyRule_t *self)
 {
     ASSERT_ARG_EXPR(BSLP_PolicyRule_IsConsistent(self));
-    BSL_LOG_INFO("BSLP_PolicyRule_Deinit: %s, nparams=%zu", m_string_get_cstr(self->description),
-                 BSLB_SecParamList_size(self->params));
-    string_clear(self->description);
+    BSL_LOG_INFO("BSLP_PolicyRule_Deinit: %s, nparams=%zu", self->description, BSLB_SecParamList_size(self->params));
+    BSL_FREE(self->description);
     BSLB_SecParamList_clear(self->params);
     memset(self, 0, sizeof(*self));
 }
@@ -486,7 +502,7 @@ int BSLP_PolicyRule_EvaluateAsSecOper(const BSLP_PolicyRule_t *self, BSL_SecOper
         const BSL_SecParam_t *param = BSLB_SecParamList_cref(pit);
         BSL_SecOper_AppendParam(sec_oper, param);
     }
-    BSL_LOG_INFO("Created sec operation for rule `%s`", m_string_get_cstr(self->description));
+    BSL_LOG_INFO("Created sec operation for rule `%s`", self->description);
 
     return BSL_SUCCESS;
 }
diff --git a/src/policy_provider/SamplePolicyProvider.h b/src/policy_provider/SamplePolicyProvider.h
@@ -29,22 +29,9 @@
 #define BSLP_SAMPLE_POLICY_PROVIDER_H
 
 #include <stdint.h>
-#include <m-array.h>
-#include <m-string.h>
 #include <BPSecLib_Private.h>
 #include <backend/SecParam.h>
 
-/** @struct BSLP_SecOperPtrList_t
- * Defines a basic list of ::BSL_SecOper_t pointers.
- */
-/// @cond Doxygen_Suppress
-// NOLINTBEGIN
-// GCOV_EXCL_START
-M_ARRAY_DEF(BSLP_SecOperPtrList, BSL_SecOper_t *, M_PTR_OPLIST)
-// GCOV_EXCL_STOP
-// NOLINTEND
-/// @endcond
-
 /**
  * THE key function that matches a bundle against a rule to provide the output action and specific parameters to use for
  * the security operation.
@@ -90,6 +77,12 @@ void BSLP_PolicyPredicate_Deinit(BSLP_PolicyPredicate_t *self);
 bool BSLP_PolicyPredicate_IsMatch(const BSLP_PolicyPredicate_t *self, BSL_PolicyLocation_e location,
                                   BSL_HostEID_t src_eid, BSL_HostEID_t dst_eid);
 
+/**
+ * Maximum string length of a policy rule description;
+ * Affects ::BSLP_PolicyRule_Init `desc` parameter
+ */
+#define BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN 100
+
 /**
  * @brief Represents a policy rule
  *
@@ -105,7 +98,7 @@ bool BSLP_PolicyPredicate_IsMatch(const BSLP_PolicyPredicate_t *self, BSL_Policy
  */
 typedef struct BSLP_PolicyRule_s
 {
-    string_t                  description;
+    char                     *description;
     BSLP_PolicyPredicate_t   *predicate;
     BSL_SecRole_e             role;
     BSL_BundleBlockTypeCode_e target_block_type;
@@ -119,7 +112,8 @@ typedef struct BSLP_PolicyRule_s
  * @brief Initialize this policy rule
  *
  * @param[in] self This policy rule
- * @param[in] dest Description of this rule (C-string)
+ * @param[in] dest Description of this rule (C-string). Will copy characters of parameter from index 0 to
+ * ::BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN - 1.
  * @param[in] predicate Predicate used to identify which bundles apply
  * @param[in] context_id Security context ID
  * @param[in] role Such as source, acceptor, etc
@@ -173,7 +167,6 @@ int BSLP_PolicyRule_EvaluateAsSecOper(const BSLP_PolicyRule_t *self, BSL_SecOper
 /// @brief Concrete definition of a policy provider
 typedef struct BSLP_PolicyProvider_s
 {
-    string_t               name;
     BSLP_PolicyPredicate_t predicates[BSLP_POLICYPREDICATE_ARRAY_CAPACITY];
     size_t                 predicate_count;
     BSLP_PolicyRule_t      rules[BSLP_POLICYPREDICATE_ARRAY_CAPACITY];
diff --git a/test/test_BackendPolicyProvider.c b/test/test_BackendPolicyProvider.c
@@ -83,8 +83,6 @@ void tearDown(void)
  */
 void test_PolicyProvider_InspectEmptyRuleset(void)
 {
-    BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data;
-    string_init_set_str(policy->name, "Unit Test Policy Provider!");
     TEST_ASSERT_EQUAL(0,
                       BSL_TestUtils_LoadBundleFromCBOR(&LocalTestCtx, RFC9173_TestVectors_AppendixA1.cbor_bundle_bib));
 
@@ -98,7 +96,6 @@ void test_PolicyProvider_InspectEmptyRuleset(void)
     TEST_ASSERT_EQUAL(0, BSL_SecurityAction_CountSecOpers(act));
 
     BSL_SecurityActionSet_Deinit(&action_set);
-    string_clear(policy->name);
 }
 
 /**
@@ -110,7 +107,6 @@ void test_PolicyProvider_InspectEmptyRuleset(void)
 void test_PolicyProvider_InspectSingleBIBRuleset(void)
 {
     BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data;
-    string_init_set_str(policy->name, "Unit Test Policy Provider!");
 
     BSLP_PolicyPredicate_t *predicate = &policy->predicates[policy->predicate_count++];
     BSLP_PolicyPredicate_Init(predicate, BSL_POLICYLOCATION_APPIN, BSL_TestUtils_GetEidPatternFromText("*:**"),
@@ -131,7 +127,6 @@ void test_PolicyProvider_InspectSingleBIBRuleset(void)
     TEST_ASSERT_EQUAL(1, BSL_SecurityAction_CountSecOpers(BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0)));
 
     BSL_SecurityActionSet_Deinit(&action_set);
-    string_clear(policy->name);
 }
 
 /**
@@ -140,7 +135,6 @@ void test_PolicyProvider_InspectSingleBIBRuleset(void)
 void test_PolicyProvider_Inspect_RFC9173_BIB(void)
 {
     BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data;
-    string_init_set_str(policy->name, "Unit Test Policy Provider!");
 
     BSLP_PolicyPredicate_t *predicate = &policy->predicates[policy->predicate_count++];
     BSLP_PolicyPredicate_Init(predicate, BSL_POLICYLOCATION_APPIN, BSL_TestUtils_GetEidPatternFromText("*:**"),
@@ -167,7 +161,6 @@ void test_PolicyProvider_Inspect_RFC9173_BIB(void)
     TEST_ASSERT_EQUAL(3, BSL_SecOper_CountParams(BSL_SecurityAction_GetSecOperAtIndex(act, 0)));
 
     BSL_SecurityActionSet_Deinit(&action_set);
-    string_clear(policy->name);
 }
 
 // TODO - test with also setting sec pararms and other things and test the RFC 9173 things.
@@ -187,11 +180,9 @@ void test_MultiplePolicyProviders(void)
 
     BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data;
     policy->pp_id                 = BSL_SAMPLE_PP_ID;
-    string_init_set_str(policy->name, "Unit Test Policy Provider 1!");
 
     BSLP_PolicyProvider_t *policy2 = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID_2)->user_data;
     policy2->pp_id                 = BSL_SAMPLE_PP_ID_2;
-    string_init_set_str(policy2->name, "Unit Test Policy Provider 2!");
 
     BSLP_PolicyPredicate_t *predicate = &policy->predicates[policy->predicate_count++];
     BSLP_PolicyPredicate_Init(predicate, BSL_POLICYLOCATION_APPIN, BSL_TestUtils_GetEidPatternFromText("*:**"),
@@ -254,6 +245,4 @@ void test_MultiplePolicyProviders(void)
 
     BSL_SecurityActionSet_Deinit(&action_set);
     BSL_FREE(response_set);
-    string_clear(policy->name);
-    string_clear(policy2->name);
 }
diff --git a/test/test_PublicInterfaceImpl.c b/test/test_PublicInterfaceImpl.c
@@ -135,7 +135,6 @@ void setUp(void)
     TEST_ASSERT_EQUAL(0, BSL_API_RegisterPolicyProvider(&LocalTestCtx.bsl, BSL_SAMPLE_PP_ID, policy_desc));
 
     BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data;
-    string_init_set_str(policy->name, "Unit Test Policy Provider!");
 
     policy->pp_id = 1;
 
@@ -569,8 +568,6 @@ void setUp(void)
 void tearDown(void)
 {
     BSL_SecurityActionSet_Deinit(&action_set);
-    BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data;
-    string_clear(policy->name);
     mock_bpa_ctr_deinit(&LocalTestCtx.mock_bpa_ctr);
     BSL_CryptoDeinit();
     TEST_ASSERT_EQUAL(0, BSL_API_DeinitLib(&LocalTestCtx.bsl));
diff --git a/test/test_SamplePolicyProvider.c b/test/test_SamplePolicyProvider.c
@@ -122,4 +122,41 @@ void test_SamplePolicyProvider_WildcardPolicyRuleVerifiesBIB(void)
     BSLP_PolicyPredicate_Deinit(&predicate);
 }
 
+TEST_CASE("")
+TEST_CASE("1")
+TEST_CASE(
+    "0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789") // 100 char
+TEST_CASE(
+    "01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890") // 101 char
+void test_SamplePolicyProvider_PolicyRuleInit_Description(const char *description)
+{
+    BSLP_PolicyPredicate_t predicate;
+    BSLP_PolicyPredicate_Init(&predicate, BSL_POLICYLOCATION_APPIN, BSL_TestUtils_GetEidPatternFromText("*:**"),
+                              BSL_TestUtils_GetEidPatternFromText("*:**"), BSL_TestUtils_GetEidPatternFromText("*:**"));
+
+    BSLP_PolicyRule_t rule;
+    BSLP_PolicyRule_Init(&rule, description, &predicate, 1, BSL_SECROLE_VERIFIER, BSL_SECBLOCKTYPE_BIB,
+                         BSL_BLOCK_TYPE_PAYLOAD, BSL_POLICYACTION_DROP_BUNDLE);
+
+    TEST_ASSERT_LESS_OR_EQUAL(BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN, strlen(rule.description));
+
+    if (strlen(description) <= BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN)
+    {
+        TEST_ASSERT_EQUAL(strlen(description), strlen(rule.description));
+    }
+    else
+    {
+        TEST_ASSERT_EQUAL(BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN, strlen(rule.description));
+    }
+
+    // unity doesn't like TEST_ASSERT_EQUAL_MEMORY call on 0 length buffer
+    if (strlen(description) > 0)
+    {
+        TEST_ASSERT_EQUAL_MEMORY(description, rule.description, strlen(rule.description));
+    }
+
+    BSLP_PolicyRule_Deinit(&rule);
+    BSLP_PolicyPredicate_Deinit(&predicate);
+}
+
 // TODO(bvb) more tests with more granular predicates and rules
