On Wed, Apr 28, 2021 at 4:17 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > These patches are all related by the fact that the secilc-fuzzer > identified the bugs that led to them. Wherever possible I have > tried to fix all of the issues related to the specific one found. > > James Carter (5): > libsepol/cil: Fix instances where an error returns SEPOL_OK > libsepol/cil: Detect degenerate inheritance and exit with an error > libsepol/cil: Check datum in ordered list for expected flavor > libsepol/cil: Check for self-referential loops in sets > libsepol/cil: Return an error if a call argument fails to resolve > > libsepol/cil/src/cil_build_ast.c | 3 + > libsepol/cil/src/cil_internal.h | 2 + > libsepol/cil/src/cil_resolve_ast.c | 107 ++++++++++++++++++++--------- > libsepol/cil/src/cil_verify.c | 97 ++++++++++++++++++-------- > libsepol/cil/src/cil_verify.h | 1 - > 5 files changed, 151 insertions(+), 59 deletions(-) > > -- > 2.26.3 > All but patch 4 has been applied. I will send a v2 for patch 4 based on the suggested by Nicolas. Jim
