checkpolicy-2.8-3
- Check the result value of hashtable_search - Destroy the class datum if it fails to initialize
This commit is contained in:
Petr Lautrbach
parent
3be8c4c38c
commit
54d02ff3bf
|
|
@ -0,0 +1,28 @@
|
|||
diff --git checkpolicy-2.8/module_compiler.c checkpolicy-2.8/module_compiler.c
|
||||
index 155702f..ada7cb2 100644
|
||||
--- checkpolicy-2.8/module_compiler.c
|
||||
+++ checkpolicy-2.8/module_compiler.c
|
||||
@@ -802,6 +802,7 @@ int require_class(int pass)
|
||||
if ((datum = calloc(1, sizeof(*datum))) == NULL ||
|
||||
symtab_init(&datum->permissions, PERM_SYMTAB_SIZE)) {
|
||||
yyerror("Out of memory!");
|
||||
+ class_datum_destroy(datum);
|
||||
return -1;
|
||||
}
|
||||
ret =
|
||||
diff --git checkpolicy-2.8/policy_define.c checkpolicy-2.8/policy_define.c
|
||||
index d8788a6..ece10e7 100644
|
||||
--- checkpolicy-2.8/policy_define.c
|
||||
+++ checkpolicy-2.8/policy_define.c
|
||||
@@ -1107,6 +1107,11 @@ int define_level(void)
|
||||
(cat_datum_t *) hashtab_search(policydbp->p_cats.
|
||||
table,
|
||||
(hashtab_key_t) id);
|
||||
+ if (!cdatum) {
|
||||
+ yyerror2("unknown category %s", id);
|
||||
+ free(id);
|
||||
+ return -1;
|
||||
+ }
|
||||
range_start = range_end = cdatum->s.value - 1;
|
||||
}
|
||||
|
||||
|
|
@ -1,17 +1,17 @@
|
|||
%define libselinuxver 2.8-1
|
||||
%define libsepolver 2.8-1
|
||||
%define libselinuxver 2.8-6
|
||||
%define libsepolver 2.8-3
|
||||
|
||||
Summary: SELinux policy compiler
|
||||
Name: checkpolicy
|
||||
Version: 2.8
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
License: GPLv2
|
||||
Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/checkpolicy-2.8.tar.gz
|
||||
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
|
||||
# run:
|
||||
# $ VERSION=2.8 ./make-fedora-selinux-patch.sh checkpolicy
|
||||
# HEAD https://github.com/fedora-selinux/selinux/commit/0e84c8fe6bb895d22f706be1c8f59119c6427f64
|
||||
# Patch1: checkpolicy-fedora.patch
|
||||
# HEAD https://github.com/fedora-selinux/selinux/commit/10767636b5d9b8f3fa3cf3815e860f4ca4fcb247
|
||||
Patch1: checkpolicy-fedora.patch
|
||||
Conflicts: selinux-policy-base < 3.13.1-138
|
||||
BuildRequires: gcc
|
||||
BuildRequires: byacc bison flex flex-static libsepol-static >= %{libsepolver} libselinux-devel >= %{libselinuxver}
|
||||
|
|
@ -56,6 +56,10 @@ install test/dispol ${RPM_BUILD_ROOT}%{_bindir}/sedispol
|
|||
%{_bindir}/sedispol
|
||||
|
||||
%changelog
|
||||
* Mon Jan 21 2019 Petr Lautrbach <plautrba@redhat.com> - 2.8-3
|
||||
- Check the result value of hashtable_search
|
||||
- Destroy the class datum if it fails to initialize
|
||||
|
||||
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.8-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue