-
Notifications
You must be signed in to change notification settings - Fork 352
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix bug in policydb_write when attempting to correct policy for older…
… versions. The current implementation fails as it doesn't remove scope declarations further in the modular policy. This fixes the problem by removing the offending entries in the hash table and the scope table. Steps to reproduce: Try to build the following module then make a module from an older release: module test 1.0.0; require { type default_t; } attribute_role new_atrole; checkmodule -M -m -c 12 -o test.mod test.te semodule_package -o test.pp -m test.mod semodule_package: Error while reading policy module from test.mod Failure occurs when the current module gets written out with the scope declaration intact. This is due to policydb.c:3913 doing a hashtab search on a scope key that is not in the symbol table. Signed-off-by: Matthew Ife <[email protected]>
- Loading branch information
Matthew Ife
committed
Nov 30, 2020
1 parent
fadcc83
commit ee4e1ed
Showing
2 changed files
with
89 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters