selinux

mirror of https://github.com/SELinuxProject/selinux synced 2024-12-18 12:14:33 +00:00

History

Nicolas Iooss 602385d70c libsepol/cil: free the first operand if the second one is invalid When __cil_expr_to_bitmap() fails to parse the second operand of an operation with two operands, it returns an error without destroying the bitmap which has been created for the first operand. Fix this memory leak. This has been tested with the following policy: (class CLASS (PERM)) (classorder (CLASS)) (sid SID) (sidorder (SID)) (user USER) (role ROLE) (type TYPE) (category CAT) (categoryorder (CAT)) (sensitivity SENS) (sensitivityorder (SENS)) (sensitivitycategory SENS (CAT)) (allow TYPE self (CLASS (PERM))) (roletype ROLE TYPE) (userrole USER ROLE) (userlevel USER (SENS)) (userrange USER ((SENS)(SENS (CAT)))) (sidcontext SID (USER ROLE TYPE ((SENS)(SENS)))) (permissionx ioctl_test (ioctl CLASS (and (range 0x1600 0x19FF) (.ot (range 0x1750 0x175F))))) This memory leak has been found by running clang's Address Sanitizer on a set of policies generated from secilc/test/policy.cil by American Fuzzy Lop. Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>		2017-02-21 13:09:39 -05:00
..
cil	libsepol/cil: free the first operand if the second one is invalid	2017-02-21 13:09:39 -05:00
include	libsepol: use constant keys in hashtab functions	2017-01-19 08:46:19 -05:00
man	Laurent Bigonville patch to fix various minor manpage issues and correct section numbering.	2013-10-24 13:58:37 -04:00
src	libsepol: fix -Wwrite-strings warnings	2017-02-06 11:05:33 -05:00
tests	libsepol/tests: fix -Wwrite-strings warnings	2017-02-06 11:06:04 -05:00
utils	libsepol: Android/MacOS X build support	2012-06-28 11:21:15 -04:00
.gitignore	libsepol: build cil into libsepol	2014-08-26 08:03:31 -04:00
COPYING
Makefile	libsepol: build cil into libsepol	2014-08-26 08:03:31 -04:00
VERSION	Update VERSION and ChangeLog files for 2.6 final release.	2016-10-14 11:31:26 -04:00