On Wed, May 27, 2020 at 3:02 AM Topi Miettinen <toiwoton@xxxxxxxxx> wrote:
>
> On 26.5.2020 21.50, James Carter wrote:
> > CIL allows a type to be redeclared when using the multiple declarations
> > option ("-m" or "--muliple-decls"), but make it an error for an identifier
> > to be declared as both a type and an attribute.
> >
> > Change the error message so that it always gives the location and flavor
> > of both declarations. The flavors will be the same in all other cases,
> > but in this case they explain why there is an error even if multiple
> > declartions are allowed.
> >
> > Fixes: Commit fafe4c212bf6c32c ("libsepol: cil: Add ability to redeclare types[attributes]")
> > Reported-by: Topi Miettinen <toiwoton@xxxxxxxxx>
> > Signed-off-by: James Carter <jwcart2@xxxxxxxxx>
>
> Thanks, this prevents mismatching declarations. Does this also fix the
> memory issue and prevent that buggy policy could get loaded sometimes?
>
Yes, the two patches together will prevent the buggy policy from being
loaded. It will always give an error now.
Jim
> -Topi
