- Upgrade to latest from NSA
Fixed attr_convert_callback and expand_convert_type_set typemap bug.
This commit is contained in:
Daniel J Walsh
parent
d808811bca
commit
058dbc84ac
@ -90,3 +90,4 @@ libsepol-1.11.20.tgz
|
|||||||
libsepol-1.12.tgz
|
libsepol-1.12.tgz
|
||||||
libsepol-1.12.1.tgz
|
libsepol-1.12.1.tgz
|
||||||
libsepol-1.12.2.tgz
|
libsepol-1.12.2.tgz
|
||||||
|
libsepol-1.12.3.tgz
|
||||||
|
|||||||
@ -1,55 +1,47 @@
|
|||||||
diff --exclude-from=exclude -N -u -r nsalibsepol/src/libsepol.map libsepol-1.11.1/src/libsepol.map
|
diff -u -p -r1.5 ebitmap.c
|
||||||
--- nsalibsepol/src/libsepol.map 2005-11-15 08:06:55.000000000 -0500
|
--- libsepol/src/ebitmap.c 7 Oct 2005 20:10:15 -0000 1.5
|
||||||
+++ libsepol-1.11.1/src/libsepol.map 2005-12-27 11:07:34.000000000 -0500
|
+++ libsepol/src/ebitmap.c 27 Mar 2006 21:13:45 -0000
|
||||||
@@ -4,6 +4,7 @@
|
@@ -12,6 +12,7 @@
|
||||||
sepol_bool_*; sepol_genbools*;
|
#include <sepol/policydb/ebitmap.h>
|
||||||
sepol_context*; sepol_check_context;
|
#include <sepol/policydb/policydb.h>
|
||||||
sepol_iface_*;
|
|
||||||
+ sepol_port_*;
|
|
||||||
sepol_user_*; sepol_genusers; sepol_set_delusers;
|
|
||||||
sepol_msg_*; sepol_debug;
|
|
||||||
sepol_handle_*;
|
|
||||||
diff --exclude-from=exclude -N -u -r nsalibsepol/src/port_record.c libsepol-1.11.1/src/port_record.c
|
|
||||||
--- nsalibsepol/src/port_record.c 2005-11-01 17:32:59.000000000 -0500
|
|
||||||
+++ libsepol-1.11.1/src/port_record.c 2005-12-27 11:07:34.000000000 -0500
|
|
||||||
@@ -84,8 +84,8 @@
|
|
||||||
sepol_port_t* port,
|
|
||||||
sepol_port_key_t* key) {
|
|
||||||
|
|
||||||
- if ((port->low <= key->low) &&
|
+#include "debug.h"
|
||||||
- (port->high >= key->high) &&
|
#include "private.h"
|
||||||
+ if ((port->low == key->low) &&
|
|
||||||
+ (port->high == key->high) &&
|
|
||||||
(port->proto == key->proto))
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
diff --exclude-from=exclude -N -u -r nsalibsepol/src/ports.c libsepol-1.11.1/src/ports.c
|
int ebitmap_or(ebitmap_t * dst, ebitmap_t * e1, ebitmap_t * e2)
|
||||||
--- nsalibsepol/src/ports.c 2005-11-04 15:37:13.000000000 -0500
|
@@ -182,6 +183,10 @@ int ebitmap_set_bit(ebitmap_t * e, unsig
|
||||||
+++ libsepol-1.11.1/src/ports.c 2005-12-27 11:07:34.000000000 -0500
|
{
|
||||||
@@ -182,7 +182,7 @@
|
ebitmap_node_t *n, *prev, *new;
|
||||||
int low2 = c->u.port.low_port;
|
|
||||||
int high2 = c->u.port.high_port;
|
|
||||||
|
|
||||||
- if (proto == proto2 && low2 <= low && high2 >= high) {
|
+ if (bit == (unsigned int)-1) {
|
||||||
+ if (proto == proto2 && low2 == low && high2 == high) {
|
+ ERR(NULL, "negative bit position.");
|
||||||
*response = 1;
|
+ return -EINVAL;
|
||||||
return STATUS_SUCCESS;
|
+ }
|
||||||
|
|
||||||
|
prev = 0;
|
||||||
|
n = e->node;
|
||||||
|
Index: libsepol/src/expand.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /nfshome/pal/CVS/selinux-usr/libsepol/src/expand.c,v
|
||||||
|
retrieving revision 1.23
|
||||||
|
diff -u -p -r1.23 expand.c
|
||||||
|
--- libsepol/src/expand.c 13 Feb 2006 13:59:54 -0000 1.23
|
||||||
|
+++ libsepol/src/expand.c 27 Mar 2006 21:17:21 -0000
|
||||||
|
@@ -138,6 +138,8 @@ static int attr_convert_callback(hashtab
|
||||||
|
ebitmap_for_each_bit(&type->types, node, i) {
|
||||||
|
if (!ebitmap_node_get_bit(node, i))
|
||||||
|
continue;
|
||||||
|
+ if (!state->typemap[i])
|
||||||
|
+ continue;
|
||||||
|
if (ebitmap_set_bit(&new_type->types,
|
||||||
|
state->typemap[i]-1, 1)) {
|
||||||
|
ERR (state->handle, "out of memory");
|
||||||
|
@@ -1441,6 +1443,8 @@ int expand_convert_type_set(policydb_t *
|
||||||
|
ebitmap_for_each_bit(&tmp, tnode, i) {
|
||||||
|
if (!ebitmap_node_get_bit(tnode, i))
|
||||||
|
continue;
|
||||||
|
+ if (!typemap[i])
|
||||||
|
+ continue;
|
||||||
|
if (ebitmap_set_bit(types, typemap[i] - 1, 1))
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -220,7 +220,7 @@
|
|
||||||
int low2 = c->u.port.low_port;
|
|
||||||
int high2 = c->u.port.high_port;
|
|
||||||
|
|
||||||
- if (proto == proto2 && low2 <= low && high2 >= high) {
|
|
||||||
+ if (proto == proto2 && low2 == low && high2 == high) {
|
|
||||||
if (port_to_record(handle, policydb, c, response) < 0)
|
|
||||||
goto err;
|
|
||||||
return STATUS_SUCCESS;
|
|
||||||
@@ -263,7 +263,7 @@
|
|
||||||
int low2 = c->u.port.low_port;
|
|
||||||
int high2 = c->u.port.high_port;
|
|
||||||
|
|
||||||
- if (proto == proto2 && low2 <= low && high2 >= high) {
|
|
||||||
+ if (proto == proto2 && low2 == low && high2 == high) {
|
|
||||||
|
|
||||||
/* Replace */
|
|
||||||
port->next = c->next;
|
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
Summary: SELinux binary policy manipulation library
|
Summary: SELinux binary policy manipulation library
|
||||||
Name: libsepol
|
Name: libsepol
|
||||||
Version: 1.12.2
|
Version: 1.12.3
|
||||||
Release: 1
|
Release: 1
|
||||||
License: GPL
|
License: GPL
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -80,6 +80,11 @@ exit 0
|
|||||||
%{_includedir}/sepol/policydb/*.h
|
%{_includedir}/sepol/policydb/*.h
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Mar 27 2006 Dan Walsh <dwalsh@redhat.com> 1.12.3-1
|
||||||
|
- Upgrade to latest from NSA
|
||||||
|
* Fixed attr_convert_callback and expand_convert_type_set
|
||||||
|
typemap bug.
|
||||||
|
|
||||||
* Fri Mar 24 2006 Dan Walsh <dwalsh@redhat.com> 1.12.2-1
|
* Fri Mar 24 2006 Dan Walsh <dwalsh@redhat.com> 1.12.2-1
|
||||||
- Upgrade to latest from NSA
|
- Upgrade to latest from NSA
|
||||||
* Fixed avrule_block_write num_decls endian bug.
|
* Fixed avrule_block_write num_decls endian bug.
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user