On 04/13/2016 03:19 PM, James Carter wrote:
Dan Walsh found a bug that resulted in a seg fault while working on docker policy.
Steve Smalley was able to reproduce and find out where it was occuring in secilc.
This patch set fixes that bug and makes other improvements in the bounds and
neverallow checking.
James Carter (3):
libsepol/cil: Fixed bug in cil_type_match_any()
libsepol/cil: Improve type bounds check reporting
libsepol/cil: Cleanup neverallow checking and fail if bounds checking
fails
libsepol/cil/src/cil_binary.c | 74 +++++++++++++++++++++++--------------------
libsepol/cil/src/cil_find.c | 6 +++-
2 files changed, 44 insertions(+), 36 deletions(-)
Applied.
--
James Carter <jwcart2@xxxxxxxxxxxxx>
National Security Agency
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
