mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-20 12:30:45 +00:00
a152653b9a
When classmaps used in a neverallow were being expanded during CIL neverallow checking, an empty classmapping in the list of classmappings for a classmap would cause the classmap expansion to stop and the rest of the classmapping of the classmap to be ignored. This would mean that not all of the classes and permissions associated with the classmap would be used to check for a neverallow violation. Do not end the expansion of a classmap when one classmapping is empty. Reported-by: Jonathan Hettwer <j2468h@gmail.com> Signed-off-by: James Carter <jwcart2@gmail.com> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com> |
||
|---|---|---|
| .. | ||
| include/cil | ||
| src | ||
| test | ||
| .gitignore | ||