Commit 02a7d77ef2bf ("libsepol: make parsing symbol table headers more robust") broke refpolicy build, because checkmodule generates avrule decl blocks with "decl->symtab[i].nprim = 0" for all possible i, even when decl->symtab[SYM_ROLES] and decl->symtab[SYM_TYPES] are not empty. More precisely, decl->symtab[i].nprim seems to be only updated in libsepol/src/link.c (in *_copy_callback() functions).

Revert the buggy part of commit 02a7d77ef2bf to fix this regression.

Signed-off-by: Nicolas Iooss <nicolas.iooss@xxxxxxx>

--- libsepol/src/policydb.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index d1019e42de16..f9b2ec379c33 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -3510,10 +3510,6 @@ static int avrule_decl_read(policydb_t * p, avrule_decl_t * decl, return -1; nprim = le32_to_cpu(buf[0]); nel = le32_to_cpu(buf[1]); - if (nel && !nprim) { - ERR(fp->handle, "unexpected items in decl symbol table with no symbol"); - return -1; - } for (j = 0; j < nel; j++) { if (read_f[i] (p, decl->symtab[i].table, fp)) { return -1; -- 2.10.2
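Review bot: Missing documentation in avrule_decl_read(): once the `if (nel && !nprim)` block is removed, nothing at the point where nprim and nel are read from buf[] explains why the two values are not cross-checked, so the same consistency check is likely to be reintroduced by a later hardening pass. A short comment above the `for (j = 0; j < nel; j++)` loop would help, stating that checkmodule emits decl blocks with nprim = 0 even when the roles and types tables are non-empty, because nprim is only updated in the *_copy_callback() functions in link.c. Note also that after this change the loop bound nel is taken from the file with no validation in the visible lines, so robustness against a malformed module here rests on read_f[i] returning an error. If that is the intended contract, it is worth saying so in the same comment.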