RepoMirrors/setools
1
0
Fork 0
mirror of https://github.com/SELinuxProject/setools synced 2025-04-11 03:51:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

InfoFlowAnalysis: Revise disabled rule removal to use TERule.enabled().

Browse Source
This commit is contained in:
Chris PeBenito 2019-02-23 23:46:39 -08:00
parent 2593b008e1
commit 16c603df96
1 changed files with 10 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
setools/infoflow.py
View File

@ -356,30 +356,23 @@ class InfoFlowAnalysis:
delete_list = [] delete_list = []
for s, t in self.subG.edges(): for s, t in self.subG.edges():
edge = Edge(self.subG, s, t) edge = Edge(self.subG, s, t)
# collect disabled rules
rule_list = [] rule_list = []
for rule in iter(edge.rules): # pylint: disable=not-an-iterable
try: for rule in edge.rules:
if rule.conditional: if not rule.enabled(**self.booleans):
bool_enabled = rule.conditional.evaluate(**self.booleans) rule_list.append(rule)
# if conditional is true then delete the false rules
if bool_enabled:
for false_rule in rule.conditional.false_rules():
if false_rule in iter(edge.rules):
rule_list.append(false_rule)
# if conditional is false then delete the true rules
else:
for true_rule in rule.conditional.true_rules():
if true_rule in iter(edge.rules):
rule_list.append(true_rule)
except RuleNotConditional as e:
pass
deleted_rules = [] deleted_rules = []
for rule in rule_list: for rule in rule_list:
if rule not in deleted_rules: if rule not in deleted_rules:
edge.rules.remove(rule) edge.rules.remove(rule)
deleted_rules.append(rule) deleted_rules.append(rule)
if len(edge.rules) == 0:
if not edge.rules:
delete_list.append(edge) delete_list.append(edge)
self.subG.remove_edges_from(delete_list) self.subG.remove_edges_from(delete_list)
self.rebuildsubgraph = False self.rebuildsubgraph = False