selinux

mirror of https://github.com/SELinuxProject/selinux synced 2025-01-04 20:49:53 +00:00

History

Nicolas Iooss 64387cb373 libsepol: drop confusing BUG_ON macro Contrary to Linux kernel, BUG_ON() does not halt the execution, in libsepol/src/services.c. Instead it displays an error message and continues the execution. This means that this code does not prevent an out-of-bound write from happening: case CEXPR_AND: BUG_ON(sp < 1); sp--; s[sp] &= s[sp + 1]; Use if(...){BUG();rc=-EINVAL;goto out;} constructions instead, to make sure that the array access is always in-bound. This issue has been found using clang's static analyzer: https://558-118970575-gh.circle-artifacts.com/0/output-scan-build/2020-10-02-065849-6375-1/report-50a861.html#EndPath Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>		2020-10-19 22:08:37 +02:00
..
cil	libsepol/cil: fix signed overflow caused by using (1 << 31) - 1	2020-10-15 19:25:05 +02:00
include	libsepol: implement POLICYDB_VERSION_COMP_FTRANS	2020-08-03 08:52:12 -04:00
man	selinux: Update manpages after removing legacy boolean and user code	2019-07-29 23:46:47 +02:00
src	libsepol: drop confusing BUG_ON macro	2020-10-19 22:08:37 +02:00
tests	libsepol/tests: drop ncurses dependency	2020-05-04 10:31:44 +02:00
utils	libsepol: build: follow standard semantics for DESTDIR and PREFIX	2018-02-14 15:59:36 +01:00
.gitignore	libsepol: build cil into libsepol	2014-08-26 08:03:31 -04:00
COPYING
Makefile	libsepol: build cil into libsepol	2014-08-26 08:03:31 -04:00
VERSION	Update VERSIONs and Python bindings version to 3.1 for release	2020-07-10 17:17:15 +02:00