On Sat, May 1, 2021 at 10:34 AM Nicolas Iooss <nicolas.iooss@xxxxxxx> wrote: > > On Tue, Apr 27, 2021 at 10:43 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > > > In struct cil_classperms_set, the "set" field is a pointer to a > > struct cil_classpermission. Normally the classpermission is created > > in a classpermissionset rule with a name declared in a > > classpermission rule and stored in a symbol table. Commit c49a8ea0 > > ("libsepol/cil: cil_reset_classperms_set() should not reset > > classpermission") fixed the resetting of classperms sets by setting > > the "set" field to NULL rather than resetting the classpermission > > that it pointed to. > > > > But this fix missed the special case where an anonymous classperm > > set is passed as an argument to a call. In this case the > > classpermission is not named and not stored in a symtab, it is > > created just for the classperms set and its classperms list needs > > to be reset. > > > > Reset the classperms list if the classperms set is anonymous (which > > is when the datum name is NULL). > > > > Signed-off-by: James Carter <jwcart2@xxxxxxxxx> > > Acked-by: Nicolas Iooss <nicolas.iooss@xxxxxxx> > This has been applied. Jim > Thanks! > Nicolas > > > --- > > libsepol/cil/src/cil_reset_ast.c | 6 +++++- > > 1 file changed, 5 insertions(+), 1 deletion(-) > > > > diff --git a/libsepol/cil/src/cil_reset_ast.c b/libsepol/cil/src/cil_reset_ast.c > > index 76405aba..d24d4f81 100644 > > --- a/libsepol/cil/src/cil_reset_ast.c > > +++ b/libsepol/cil/src/cil_reset_ast.c > > @@ -60,10 +60,14 @@ static void cil_reset_classpermission(struct cil_classpermission *cp) > > > > static void cil_reset_classperms_set(struct cil_classperms_set *cp_set) > > { > > - if (cp_set == NULL) { > > + if (cp_set == NULL || cp_set->set == NULL) { > > return; > > } > > > > + if (cp_set->set->datum.name == NULL) { > > + cil_reset_classperms_list(cp_set->set->classperms); > > + } > > + > > cp_set->set = NULL; > > } > > > > -- > > 2.26.3 > > >
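Review bot: In cil_reset_classperms_set(), the new `cp_set->set->datum.name == NULL` test identifies an anonymous classpermission only by convention, and nothing in the code says so. A one-line comment above the check (for example, that an anonymous classpermission has no datum name, is not in a symtab, and so its classperms list has to be reset here) would keep the reason from living only in the commit message. The added `cp_set->set == NULL` guard is needed because this function itself leaves `set` NULL, so a second reset of the same node would otherwise dereference it. One question on the unchanged last line: `cp_set->set = NULL` still runs in the anonymous case, and since that classpermission is not stored in a symtab, it would help to state what still holds a reference to it after the reset so that it can be resolved again and eventually freed.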