Re: [PATCH 0/7] libsepol/cil: Fix bugs found by Nicolas Looss with AFL

2016-10-19 Thread James Carter

On 10/18/2016 02:58 PM, James Carter wrote:

A series of patches to fix bugs found by Nicolas Looss while fuzzing
secilc with AFL.

James Carter (7):
  libsepol/cil: Check for improper category range
  libsepol/cil: Use empty list for category expression evaluated as
empty
  libsepol/cil: Use an empty list to represent an unknown permission
  libsepol/cil: Check if identifier is NULL when verifying name
  libsepol/cil: Check that permission is not an empty list
  libsepol/cil: Verify alias in aliasactual statement is really an alias
  libsepol/cil: Verify neither child nor parent in a bounds is an
attribute

 libsepol/cil/src/cil_build_ast.c   |  7 +
 libsepol/cil/src/cil_post.c| 13 
 libsepol/cil/src/cil_resolve_ast.c | 61 +++---
 libsepol/cil/src/cil_verify.c  |  8 -
 4 files changed, 51 insertions(+), 38 deletions(-)



Applied series with Nicolas' correct last name.

--
James Carter 
National Security Agency
___
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.


Re: [PATCH 0/7] libsepol/cil: Fix bugs found by Nicolas Looss with AFL

2016-10-18 Thread James Carter

On 10/18/2016 02:58 PM, James Carter wrote:

A series of patches to fix bugs found by Nicolas Looss while fuzzing
secilc with AFL.



Iooss, not Looss.

Sorry, Nicolas. My brain cannot process your last name correctly. I will fix 
your name when I apply the series.


Jim



James Carter (7):
  libsepol/cil: Check for improper category range
  libsepol/cil: Use empty list for category expression evaluated as
empty
  libsepol/cil: Use an empty list to represent an unknown permission
  libsepol/cil: Check if identifier is NULL when verifying name
  libsepol/cil: Check that permission is not an empty list
  libsepol/cil: Verify alias in aliasactual statement is really an alias
  libsepol/cil: Verify neither child nor parent in a bounds is an
attribute

 libsepol/cil/src/cil_build_ast.c   |  7 +
 libsepol/cil/src/cil_post.c| 13 
 libsepol/cil/src/cil_resolve_ast.c | 61 +++---
 libsepol/cil/src/cil_verify.c  |  8 -
 4 files changed, 51 insertions(+), 38 deletions(-)




--
James Carter 
National Security Agency
___
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.


[PATCH 0/7] libsepol/cil: Fix bugs found by Nicolas Looss with AFL

2016-10-18 Thread James Carter
A series of patches to fix bugs found by Nicolas Looss while fuzzing
secilc with AFL.

James Carter (7):
  libsepol/cil: Check for improper category range
  libsepol/cil: Use empty list for category expression evaluated as
empty
  libsepol/cil: Use an empty list to represent an unknown permission
  libsepol/cil: Check if identifier is NULL when verifying name
  libsepol/cil: Check that permission is not an empty list
  libsepol/cil: Verify alias in aliasactual statement is really an alias
  libsepol/cil: Verify neither child nor parent in a bounds is an
attribute

 libsepol/cil/src/cil_build_ast.c   |  7 +
 libsepol/cil/src/cil_post.c| 13 
 libsepol/cil/src/cil_resolve_ast.c | 61 +++---
 libsepol/cil/src/cil_verify.c  |  8 -
 4 files changed, 51 insertions(+), 38 deletions(-)

-- 
2.7.4

___
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.