Eric Paris dd61029c54 libselinux: label_file: fix potential read past buffer in spec_hasMetaChars ... An illegal regex may end with a single \ followed by nul. This could cause us to search past the end of the character array. The loop formation looks like so: c = regex_str; len = strlen(c); end = c + len; while (c != end) { switch (*c) { ... case '\\': /* skip the next character */ c++; break; ... } c++; } If the \ is the last character then we will increment c and break from the switch. The while loop will then increment c. So now c == end+1. This means we will keep running into infinity and beyond! Easy fix. Make the loop check (c < end). Thus even if we jump past end, we still exit the loop. Signed-off-by: Eric Paris <eparis@redhat.com>		2012-09-12 14:51:48 -04:00
checkpolicy	checkpolicy: check return code on ebitmap_set_bit	2012-09-12 14:30:20 -04:00
libselinux	libselinux: label_file: fix potential read past buffer in spec_hasMetaChars	2012-09-12 14:51:48 -04:00
libsemanage	libsemanage: do boolean name substitution	2012-09-12 13:17:30 -04:00
libsepol	libsepol: Add always_check_network policy capability	2012-09-12 14:30:24 -04:00
policycoreutils	policycoreutils: sandbox: Make sure Xephyr never listens on tcp ports	2012-09-12 14:30:22 -04:00
scripts	release script	2009-03-12 01:23:32 -04:00
sepolgen	sepolgen: Allow returning of bastard matches	2012-09-12 12:16:19 -04:00
.gitignore	.gitignore: More files to ignore	2011-09-16 11:54:04 -04:00
Makefile	libselinux: additional makefile support for rubywrap	2012-06-28 11:21:16 -04:00