c59879b8aa
Rebase on upstream commit 32611aea6543
See
$ cd SELinuxProject/selinux
$ git log --pretty=oneline libsepol-3.2..32611aea6543 -- libsepol
36 lines
1.1 KiB
Diff
36 lines
1.1 KiB
Diff
From f33745a22b4133c59059356a23dbbc229067e3c1 Mon Sep 17 00:00:00 2001
|
|
From: James Carter <jwcart2@gmail.com>
|
|
Date: Mon, 21 Jun 2021 10:56:43 -0400
|
|
Subject: [PATCH] libsepol/cil: Check for empty list when marking neverallow
|
|
attributes
|
|
|
|
When marking a type attribute as used in a neverallow (to help determine
|
|
whether or not it should be expanded), check if the attribute's expression
|
|
list is empty (no attributes are associated with it) before iterating
|
|
over the list.
|
|
|
|
Signed-off-by: James Carter <jwcart2@gmail.com>
|
|
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
|
|
---
|
|
libsepol/cil/src/cil_post.c | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
diff --git a/libsepol/cil/src/cil_post.c b/libsepol/cil/src/cil_post.c
|
|
index 7bca0834ad39..7e2c2b9a85c3 100644
|
|
--- a/libsepol/cil/src/cil_post.c
|
|
+++ b/libsepol/cil/src/cil_post.c
|
|
@@ -1494,6 +1494,10 @@ static void __mark_neverallow_attrs(struct cil_list *expr_list)
|
|
{
|
|
struct cil_list_item *curr;
|
|
|
|
+ if (!expr_list) {
|
|
+ return;
|
|
+ }
|
|
+
|
|
cil_list_for_each(curr, expr_list) {
|
|
if (curr->flavor == CIL_DATUM) {
|
|
if (FLAVOR(curr->data) == CIL_TYPEATTRIBUTE) {
|
|
--
|
|
2.32.0
|
|
|