On Wed, Sep 9, 2020 at 4:58 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > CIL was not correctly determining the depth of conditional expressions > which prevented it from giving an error when the max depth was exceeded. > This allowed invalid policy binaries to be created. > > Validate the conditional expression using the same logic that is used > when evaluating a conditional expression. This includes checking the > depth of the expression. > > Signed-off-by: James Carter <jwcart2@xxxxxxxxx> Acked-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
