[libsepol] Fix off by one error that is causing file_name transition rules to be expanded
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Apr 23 22:20:50 UTC 2012
commit 96e6f729279c9df34d74d2b072a507748ba4d1bb
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Apr 23 18:20:41 2012 -0400
Fix off by one error that is causing file_name transition rules to be expanded
- incorrectly on i686 machines
libsepol-rhat.patch | 13 +++++++++++++
libsepol.spec | 6 +++++-
2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/libsepol-rhat.patch b/libsepol-rhat.patch
index 3060992..de02868 100644
--- a/libsepol-rhat.patch
+++ b/libsepol-rhat.patch
@@ -22,3 +22,16 @@ index 71970b1..e003bc7 100644
NULL
};
+diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
+index a84de2f..ff292f6 100644
+--- a/libsepol/src/policydb.c
++++ b/libsepol/src/policydb.c
+@@ -2380,7 +2380,7 @@ int filename_trans_read(filename_trans_t **t, struct policy_file *fp)
+ return -1;
+ len = le32_to_cpu(buf[0]);
+
+- name = calloc(len, sizeof(*name));
++ name = calloc(len + 1, sizeof(*name));
+ if (!name)
+ return -1;
+
diff --git a/libsepol.spec b/libsepol.spec
index 890278f..04f40d7 100644
--- a/libsepol.spec
+++ b/libsepol.spec
@@ -1,7 +1,7 @@
Summary: SELinux binary policy manipulation library
Name: libsepol
Version: 2.1.5
-Release: 2%{?dist}
+Release: 3%{?dist}
License: LGPLv2+
Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/libsepol-%{version}.tgz
@@ -99,6 +99,10 @@ exit 0
/%{_lib}/libsepol.so.1
%changelog
+* Mon Apr 23 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.5-3
+- Fix off by one error that is causing file_name transition rules to be expanded
+- incorrectly on i686 machines
+
* Tue Apr 17 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.5-2
- Add support for ptrace_child
More information about the scm-commits
mailing list