From 3bc0b15a82b0e05ea1b79915c9b779c2d4792e19 Mon Sep 17 00:00:00 2001
From: Tyler Hicks <tyhicks@canonical.com>
Date: Wed, 22 Oct 2014 11:15:53 -0400
Subject: [FIX FOR 06/13] fix: make confinement mode ptr a const and document the semantics

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
---
 bus/apparmor.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/bus/apparmor.c b/bus/apparmor.c
index 660bc11..2af1d9c 100644
--- a/bus/apparmor.c
+++ b/bus/apparmor.c
@@ -69,15 +69,26 @@ struct BusAppArmorConfinement
   int refcount; /* Reference count */
 
   char *context; /* AppArmor confinement context (label) */
-  char *mode;    /* AppArmor confinement mode */
+  const char *mode; /* AppArmor confinement mode (freed by freeing *context) */
 };
 
 typedef struct BusAppArmorConfinement BusAppArmorConfinement;
 
 static BusAppArmorConfinement *bus_con = NULL;
 
+/**
+ * Callers of this function give up ownership of the *context and *mode
+ * pointers.
+ *
+ * Additionally, the responsibility of freeing *context and *mode becomes the
+ * responsibility of the bus_apparmor_confinement_unref() function. However, it
+ * does not free *mode because libapparmor's aa_getcon(), and libapparmor's
+ * other related functions, allocate a single buffer for *context and *mode and
+ * then separate the two char arrays with a NUL char. See the aa_getcon(2) man
+ * page for more details.
+ */
 static BusAppArmorConfinement*
-bus_apparmor_confinement_new (char *context, char *mode)
+bus_apparmor_confinement_new (char *context, const char *mode)
 {
   BusAppArmorConfinement *confinement;
 
-- 
2.1.0