restorecon on file names with newlines are not handled properly. Use PCRE_DOTALL so that dots in regular expressions match all characters, and don't exclude the newline character. See https://www.mail-archive.com/seandroid-list@xxxxxxxxxxxxx/msg02001.html for background. Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx> --- libselinux/utils/sefcontext_compile.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c index 504699d..b359e1c 100644 --- a/libselinux/utils/sefcontext_compile.c +++ b/libselinux/utils/sefcontext_compile.c @@ -100,7 +100,7 @@ static int process_file(struct saved_data *data, const char *filename) spec_hasMetaChars(spec); - re = pcre_compile(anchored_regex, 0, &err, &erroff, NULL); + re = pcre_compile(anchored_regex, PCRE_DOTALL, &err, &erroff, NULL); if (!re) { fprintf(stderr, "PCRE compilation failed for %s at offset %d: %s\n", anchored_regex, erroff, err); return -1; -- 1.9.3 _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
