Update to latest patches from eparis/Upstream

libselinux-rhat.patch

@@ -6205,20 +6205,71 @@ index 825f295..d11c8dc 100644
 -    S_(BOOLEAN_SUBS, "/booleans.subs")
 +    S_(BOOLEAN_SUBS, "/booleans.subs_dist")
 diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
-index e02157c..eb72593 100644
+index e02157c..355730a 100644
 --- a/libselinux/src/get_context_list.c
 +++ b/libselinux/src/get_context_list.c
-@@ -489,11 +489,19 @@ int get_ordered_context_list(const char *user,
+@@ -426,7 +426,7 @@ int get_ordered_context_list(const char *user,
+ 	/* Initialize ordering array. */
+ 	ordering = malloc(nreach * sizeof(unsigned int));
+ 	if (!ordering)
+-		goto oom_order;
++		goto failsafe;
+ 	for (i = 0; i < nreach; i++)
+ 		ordering[i] = nreach;
+ 
+@@ -435,7 +435,7 @@ int get_ordered_context_list(const char *user,
+ 	fname_len = strlen(user_contexts_path) + strlen(user) + 2;
+ 	fname = malloc(fname_len);
+ 	if (!fname)
+-		goto oom_order;
++		goto failsafe;
+ 	snprintf(fname, fname_len, "%s%s", user_contexts_path, user);
+ 	fp = fopen(fname, "r");
+ 	if (fp) {
+@@ -465,35 +465,35 @@ int get_ordered_context_list(const char *user,
+ 		}
+ 	}
+ 
++	if (!nordered)
++		goto failsafe;
++
+ 	/* Apply the ordering. */
+-	if (nordered) {
+-		co = malloc(nreach * sizeof(struct context_order));
+-		if (!co)
+-			goto oom_order;
+-		for (i = 0; i < nreach; i++) {
+-			co[i].con = reachable[i];
+-			co[i].order = ordering[i];
+-		}
+-		qsort(co, nreach, sizeof(struct context_order), order_compare);
+-		for (i = 0; i < nreach; i++)
+-			reachable[i] = co[i].con;
+-		free(co);
++	co = malloc(nreach * sizeof(struct context_order));
++	if (!co)
++		goto failsafe;
++	for (i = 0; i < nreach; i++) {
++		co[i].con = reachable[i];
++		co[i].order = ordering[i];
+ 	}
++	qsort(co, nreach, sizeof(struct context_order), order_compare);
++	for (i = 0; i < nreach; i++)
++		reachable[i] = co[i].con;
++	free(co);
+ 
+-	/* Return the ordered list. 
+-	   If we successfully ordered it, then only report the ordered entries
+-	   to the caller.  Otherwise, fall back to the entire reachable list. */
+-	if (nordered && nordered < nreach) {
++	/* Only report the ordered entries to the caller. */
++	if (nordered < nreach) {
+ 		for (i = nordered; i < nreach; i++)
+ 			free(reachable[i]);
  		reachable[nordered] = NULL;
  		rc = nordered;
- 	} else {
+-	} else {
 -		rc = nreach;
-+		if (security_getenforce()) {
-+			errno = EPERM;
-+			rc = -1;
-+		} else {
-+			rc = nreach;
-+		}
  	}
  
        out:
@@ -6230,6 +6281,21 @@ index e02157c..eb72593 100644
  
  	free(ordering);
  	if (freefrom)
+@@ -520,14 +520,6 @@ int get_ordered_context_list(const char *user,
+ 	}
+ 	rc = 1;			/* one context in the list */
+ 	goto out;
+-
+-      oom_order:
+-	/* Unable to order context list due to OOM condition.
+-	   Fall back to unordered reachable context list. */
+-	fprintf(stderr, "%s:  out of memory, unable to order list\n",
+-		__FUNCTION__);
+-	rc = nreach;
+-	goto out;
+ }
+ 
+ hidden_def(get_ordered_context_list)
 diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c
 index 67e4463..eb2ce8a 100644
 --- a/libselinux/src/getfilecon.c

libselinux.spec

@@ -10,7 +10,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.1.12
-Release: 19%{?dist}
+Release: 20%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
 Source: %{name}-%{version}.tgz
@@ -241,7 +241,10 @@ rm -rf %{buildroot}
 %{ruby_sitearch}/selinux.so
 
 %changelog
-* Fri Jan 25 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-18
+* Sun Jan 27 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-20
+- Update to latest patches from eparis/Upstream
+
+* Fri Jan 25 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-19
 - Update to latest patches from eparis/Upstream
 
 * Wed Jan 23 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-18