Commit 02a7d77ef2bf ("libsepol: make parsing symbol table headers more
robust") broke refpolicy build, because checkmodule generates avrule
decl blocks with "decl->symtab[i].nprim = 0" for all possible i, even
when decl->symtab[SYM_ROLES] and decl->symtab[SYM_TYPES] are not
empty.More precisely, decl->symtab[i].nprim seems to be only updated in libsepol/src/link.c (in *_copy_callback() functions). Revert the buggy part of commit 02a7d77ef2bf to fix this regression. Signed-off-by: Nicolas Iooss <[email protected]> --- libsepol/src/policydb.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index d1019e42de16..f9b2ec379c33 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -3510,10 +3510,6 @@ static int avrule_decl_read(policydb_t * p, avrule_decl_t * decl, return -1; nprim = le32_to_cpu(buf[0]); nel = le32_to_cpu(buf[1]); - if (nel && !nprim) { - ERR(fp->handle, "unexpected items in decl symbol table with no symbol"); - return -1; - } for (j = 0; j < nel; j++) { if (read_f[i] (p, decl->symtab[i].table, fp)) { return -1; -- 2.10.2 _______________________________________________ Selinux mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
