On Wed, 6 Aug 2008, Vesa-Matti Kari wrote: > expr_isvalid() in conditional.c was off-by-one and allowed > invalid expression type COND_LAST. However, it is this header file > that needs to be fixed. That way the if-statement's disjunction's > second component reads more naturally, "if expr type is greater than > the last allowed value" ( rather than using ">=" in conditional.c): > > if (expr->expr_type <= 0 || expr->expr_type > COND_LAST) > > Signed-off-by: Vesa-Matti Kari <vmkari@xxxxxxxxxxxxxx> Thanks, nice catch. Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next - James -- James Morris <jmorris@xxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
