Patches 1-4 fix bug found directly by the secilc-fuzzer. Patch 6 is the same class of bug as that fixed with patch 4. Patch 5 fixes problems found while investigating patch 4 and 6. James Carter (6): libsepol/cil: Handle disabled optional blocks in earlier passes libsepol/cil: Destroy the permission nodes when exiting with an error libsepol/cil: Limit the number of open parenthesis allowed libsepol/cil: Resolve anonymous class permission sets only once libsepol/cil: Pointers to datums should be set to NULL when resetting libsepol/cil: Resolve anonymous levels only once libsepol/cil/src/cil_build_ast.c | 2 + libsepol/cil/src/cil_parser.c | 7 +++- libsepol/cil/src/cil_reset_ast.c | 56 +++++++++++++++++++++++++-- libsepol/cil/src/cil_resolve_ast.c | 62 +++++++++++++++++------------- 4 files changed, 97 insertions(+), 30 deletions(-) -- 2.26.3
