[checkpolicy/f17] Update to upstream

Wed Jul 4 11:57:12 UTC 2012

commit 5a340138c209a846363275a1db08d3c5e1bd26ce
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Wed Jul 4 07:57:10 2012 -0400

    Update to upstream
    
    	* sepolgen: We need to support files that have a + in them
    	* Android/MacOS X build support

 .gitignore             |    1 +
 checkpolicy-rhat.patch |   46 +++++++++++++++++++++++++++++++++-------------
 checkpolicy.spec       |   11 ++++++++---
 sources                |    2 +-
 4 files changed, 43 insertions(+), 17 deletions(-)
---

diff --git a/.gitignore b/.gitignore
index c3246a7..1fdd7c7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -86,3 +86,4 @@ checkpolicy-2.0.22.tgz
 /checkpolicy-2.1.7.tgz
 /checkpolicy-2.1.8.tgz
 /checkpolicy-2.1.9.tgz
+/checkpolicy-2.1.10.tgz
diff --git a/checkpolicy-rhat.patch b/checkpolicy-rhat.patch
index 87748ca..c6c639c 100644
--- a/checkpolicy-rhat.patch
+++ b/checkpolicy-rhat.patch
@@ -1,13 +1,33 @@
-diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l
-index e767b5f..143e797 100644
---- a/checkpolicy/policy_scan.l
-+++ b/checkpolicy/policy_scan.l
-@@ -234,7 +234,7 @@ HIGH				{ return(HIGH); }
- low |
- LOW				{ return(LOW); }
- "/"({alnum}|[_\.\-/])*	        { return(PATH); }
--\"({alnum}|[_\.\-\~])+\"	{ return(FILENAME); }
-+\"({alnum}|[_\.\-\+\~])+\"	{ return(FILENAME); }
- {letter}({alnum}|[_\-])*([\.]?({alnum}|[_\-]))*	{ return(IDENTIFIER); }
- {alnum}*{letter}{alnum}*        { return(FILESYSTEM); }
- {digit}+|0x{hexval}+            { return(NUMBER); }
+diff --git a/checkpolicy/checkmodule.c b/checkpolicy/checkmodule.c
+index 47603e0..cb58cf0 100644
+--- a/checkpolicy/checkmodule.c
++++ b/checkpolicy/checkmodule.c
+@@ -63,10 +63,12 @@ static int read_binary_policy(policydb_t * p, char *file, char *progname)
+ 	if (fstat(fd, &sb) < 0) {
+ 		fprintf(stderr, "Can't stat '%s':  %s\n",
+ 			file, strerror(errno));
++		close(fd);
+ 		return -1;
+ 	}
+ 	map =
+ 	    mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
++	close(fd);
+ 	if (map == MAP_FAILED) {
+ 		fprintf(stderr, "Can't map '%s':  %s\n", file, strerror(errno));
+ 		return -1;
+diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
+index 8fa3214..2c12447 100644
+--- a/checkpolicy/policy_define.c
++++ b/checkpolicy/policy_define.c
+@@ -2341,7 +2341,10 @@ int define_role_trans(int class_specified)
+ 			return -1;
+ 		}
+ 
+-		ebitmap_set_bit(&e_classes, cladatum->s.value - 1, TRUE);
++		if (ebitmap_set_bit(&e_classes, cladatum->s.value - 1, TRUE)) {
++			yyerror("out of memory");
++			return -1;
++		}
+ 	}
+ 
+ 	id = (char *)queue_remove(id_queue);
diff --git a/checkpolicy.spec b/checkpolicy.spec
index 29f9220..d44cafc 100644
--- a/checkpolicy.spec
+++ b/checkpolicy.spec
@@ -1,9 +1,9 @@
-%define libselinuxver 2.1.6-4
+%define libselinuxver 2.1.10-1
 %define libsepolver 2.1.5-3
 Summary: SELinux policy compiler
 Name: checkpolicy
-Version: 2.1.9
-Release: 4%{?dist}
+Version: 2.1.10
+Release: 1%{?dist}
 License: GPLv2
 Group: Development/System
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@@ -56,6 +56,11 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_bindir}/sedispol
 
 %changelog
+* Wed Jul 4 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.10-1
+- Update to upstream 
+	* sepolgen: We need to support files that have a + in them
+	* Android/MacOS X build support
+
 * Mon Apr 23 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.9-4
 - Rebuild to get latest libsepol which fixes the file_name transition problems
 
diff --git a/sources b/sources
index eb07af5..2a25371 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-bf89762f257f145244a77d58ca31b95b  checkpolicy-2.1.9.tgz
+31a46b32b14a467f90e79a4792cf29c6  checkpolicy-2.1.10.tgz
