On Thu, Aug 25, 2022 at 9:45 AM Juraj Marcin <juraj@xxxxxxxxxxxxxxx> wrote:
>
> CIL Reference Guide defines typetransition rule with double quotes
> around object name, but those are not present in the format string.
>
> This patch fixes this issue, so the CIL output produced by
> sepol_kernel_policydb_to_cil() is in the correct format.
>
> Signed-off-by: Juraj Marcin <juraj@xxxxxxxxxxxxxxx>
Despite what the CIL Reference Guide says, the quotes are not
required, but it is best practice to use them.
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> libsepol/src/kernel_to_cil.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
> index 5a1336a3..ad4121d5 100644
> --- a/libsepol/src/kernel_to_cil.c
> +++ b/libsepol/src/kernel_to_cil.c
> @@ -1894,7 +1894,7 @@ static int map_filename_trans_to_str(hashtab_key_t key, void *data, void *arg)
> ebitmap_for_each_positive_bit(&datum->stypes, node, bit) {
> src = pdb->p_type_val_to_name[bit];
> rc = strs_create_and_add(strs,
> - "(typetransition %s %s %s %s %s)",
> + "(typetransition %s %s %s \"%s\" %s)",
> 5, src, tgt, class, filename, new);
> if (rc)
> return rc;
> --
> 2.37.1
>
