On 08/16/2016 01:45 PM, Roberts, William C wrote:
>
>
>> -Original Message-
>> From: Roberts, William C
>> Sent: Tuesday, August 16, 2016 10:29 AM
>> To: selinux@tycho.nsa.gov; jwca...@tycho.nsa.gov; seandroid-
>> l...@tycho.nsa.gov; s...@tycho.nsa.gov
>> Cc: Roberts, William C
On 08/16/2016 11:59 AM, Gary Tierney wrote:
> Hi Stephen,
>
> Replied inline below.
>
> On Mon, Aug 15, 2016 at 03:58:44PM -0400, Stephen Smalley wrote:
>> On 07/27/2016 05:25 PM, Gary Tierney wrote:
>>> semanage-login supports login mappings using the %group syntax,
>>> but genhomedircon does
So the delta between v3 and v4 is addressing the comments
on "fix overflow and 0 length allocations", and also move that
patch to the end of the series. Take up to where you have
issues as each patch can stand on its own.
[PATCH v4 1/7] libsepol: fix invalid access of NULL on
[PATCH v4 2/7]
From: William Roberts
Throughout libsepol, values taken from sepolicy are used in
places where length == 0 or length == matter,
find and fix these.
Also, correct any type mismatches noticed along the way.
Signed-off-by: William Roberts
The top-level Makefile defines _GNU_SOURCE by default which causes the
following build warning:
cc -g -O0 -Wall -D_GNU_SOURCE userns_child_exec.c -o userns_child_exec
userns_child_exec.c:11:0: warning: "_GNU_SOURCE" redefined
#define _GNU_SOURCE
... this patch first checks to see if
From: William Roberts
In type_set_expand:
When nprim, the table index counter, is greater than the value of initizalized
entries in the type_val_to_struct[] array, detect this as invalid
and return an error.
Signed-off-by: William Roberts
From: William Roberts
Signed-off-by: William Roberts
---
libsepol/src/mls.c | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/libsepol/src/mls.c b/libsepol/src/mls.c
index 1e84bb7..2dc5f2b 100644
---
From: William Roberts
When initializing role_datum_t array, initialize the array.
This corrects this issue:
==25766== Conditional jump or move depends on uninitialised value(s)
==25766==at 0x40ABFE: context_is_valid (context.c:59)
==25766==by 0x40AAED:
> -Original Message-
> From: Roberts, William C
> Sent: Tuesday, August 16, 2016 10:29 AM
> To: selinux@tycho.nsa.gov; jwca...@tycho.nsa.gov; seandroid-
> l...@tycho.nsa.gov; s...@tycho.nsa.gov
> Cc: Roberts, William C
> Subject: [PATCH v4 7/7] libsepol: fix
On 08/16/2016 09:32 AM, Vit Mojzis wrote:
> When given invalid regexp, semanage reports error, but adds the invalid
> context to "/etc/selinux/targeted/contexts/files/file_contexts.local",
> which breaks the system (won't boot in enforcing mode). The new context
> doesn't show up on "#semanage
From: William Roberts
The newc variable is calloc'd and assigned to a new
owner during a loop. After the first assignment of newc
to newgenfs->head, the subsequent iteration could fail
before the newc is reseated with a new heap allocation
pointer. When the
>> Currently, in file-systems like reiserFS that support scalable xattrs, only
>> VFS is the one limiting the size to 64k. Since their is no constant, and
>> maybe one day this arbitrary VFS limit
>> would be removed, I think we should check correctlly here that were
>> allocating > 1 bytes, and
On 08/15/2016 11:59 AM, william.c.robe...@intel.com wrote:
From: William Roberts
Throughout libsepol, values taken from sepolicy are used in
places where length == 0 or length == matter,
find and fix these.
Also, correct any type mismatches noticed along the way.
On Tue, Aug 16, 2016 at 8:11 AM, William Roberts
wrote:
> On Aug 16, 2016 06:12, "James Carter" wrote:
> >
> > On 08/15/2016 11:59 AM, william.c.robe...@intel.com wrote:
> >>
> >> From: William Roberts
> >>
> >>
On 08/16/2016 03:32 AM, Vit Mojzis wrote:
> When given invalid regexp, semanage reports error, but adds the invalid
> context to "/etc/selinux/targeted/contexts/files/file_contexts.local",
> which breaks the system (won't boot in enforcing mode). The new context
> doesn't show up on "#semanage
Hi Stephen,
Replied inline below.
On Mon, Aug 15, 2016 at 03:58:44PM -0400, Stephen Smalley wrote:
> On 07/27/2016 05:25 PM, Gary Tierney wrote:
> > semanage-login supports login mappings using the %group syntax, but
> > genhomedircon does not expand groups to the users belonging to them.
> >
>
16 matches
Mail list logo