From: <ssm...@us...> - 2007-10-11 20:15:35
Revision: 2645
http://selinux.svn.sourceforge.net/selinux/?rev=2645&view=rev
Author: ssmalley
Date: 2007-10-11 13:14:02 -0700 (Thu, 11 Oct 2007)

Log Message:
-----------
Author: Stephen Smalley
Email: sd...@ty...
Subject: refpolicy xserver branch
Date: Wed, 10 Oct 2007 08:43:37 -0400

On Wed, 2007-10-10 at 08:25 -0400, Stephen Smalley wrote:
> On Wed, 2007-10-10 at 08:13 -0400, Stephen Smalley wrote:
> > On Wed, 2007-10-10 at 08:01 -0400, Stephen Smalley wrote:
> > > On Wed, 2007-10-10 at 07:52 -0400, Stephen Smalley wrote:
> > > > On Tue, 2007-10-09 at 17:40 +0000, Christopher J. PeBenito wrote:
> > > > > On Tue, 2007-10-09 at 12:33 -0400, Eamon Walsh wrote:
> > > > > > Christopher J. PeBenito wrote:
> > > > > > > It was explicitly listed in both the xwindows.if and .te, but not used.
> > > > > > > I cleaned it up.
> > > > > > >
> > > > > >
> > > > > > Thanks! Now, we have:
> > > > > >
> > > > > >
> > > > > > Installing refpolicy zebra.pp policy package.
> > > > > > Loading configured modules.
> > > > > > libsepol.print_missing_requirements: xwindows's global requirements were not met: common httpd_ssi_exec
> > > > > > libsemanage.semanage_link_sandbox: Link packages failed
> > > > > > /usr/sbin/semodule: Failed!
> > > > > > make: *** [load] Error 1
> > > > >
> > > > > I can't reproduce this but instead I'm getting a segfault when my test
> > > > > script tries to test link it by calling semodule_link directly. I'm
> > > > > using the current stable release toolchain. Going by your error
> > > > > message, it looks like it might be a toolchain bug since httpd_ssi_exec
> > > > > isn't a common, it's a boolean.
> > > >
> > > > (cc Joshua and Karl)
> > > >
> > > > svn co http://oss.tresys.com/repos/refpolicy/branchs/xselinux
> > > > cd xselinux
> > > > make MONOLITHIC=n
> > > > make load
> > > > ...
> > > > Loading configured modules.
> > > > /usr/sbin/semodule -s refpolicy -b /usr/share/selinux/refpolicy/base.pp -i /usr/share/selinux/refpolicy/acct.pp -i /usr/share/selinux/refpolicy/ada.pp -i /usr/share/selinux/refpolicy/afs.pp -i /usr/share/selinux/refpolicy/aide.pp -i /usr/share/selinux/refpolicy/alsa.pp -i /usr/share/selinux/refpolicy/amanda.pp -i /usr/share/selinux/refpolicy/amavis.pp -i /usr/share/selinux/refpolicy/amtu.pp -i /usr/share/selinux/refpolicy/anaconda.pp -i /usr/share/selinux/refpolicy/apache.pp -i /usr/share/selinux/refpolicy/apcupsd.pp -i /usr/share/selinux/refpolicy/apm.pp -i /usr/share/selinux/refpolicy/application.pp -i /usr/share/selinux/refpolicy/apt.pp -i /usr/share/selinux/refpolicy/arpwatch.pp -i /usr/share/selinux/refpolicy/asterisk.pp -i /usr/share/selinux/refpolicy/audioentropy.pp -i /usr/share/selinux/refpolicy/authbind.pp -i /usr/share/selinux/refpolicy/authlogin.pp -i /usr/share/selinux/refpolicy/automount.pp -i /usr/share/selinux/refpolicy/avahi.pp -i /usr/share/selinux/refpolicy/awstats.pp -i /usr/share/selinux/refpolicy/backup.pp -i /usr/share/selinux/refpolicy/bind.pp -i /usr/share/selinux/refpolicy/bitlbee.pp -i /usr/share/selinux/refpolicy/bluetooth.pp -i /usr/share/selinux/refpolicy/bootloader.pp -i /usr/share/selinux/refpolicy/brctl.pp -i /usr/share/selinux/refpolicy/calamaris.pp -i /usr/share/selinux/refpolicy/canna.pp -i /usr/share/selinux/refpolicy/ccs.pp -i /usr/share/selinux/refpolicy/cdrecord.pp -i /usr/share/selinux/refpolicy/certwatch.pp -i /usr/share/selinux/refpolicy/cipe.pp -i /usr/share/selinux/refpolicy/clamav.pp -i /usr/share/selinux/refpolicy/clock.pp -i /usr/share/selinux/refpolicy/clockspeed.pp -i /usr/share/selinux/refpolicy/comsat.pp -i /usr/share/selinux/refpolicy/consolekit.pp -i /usr/share/selinux/refpolicy/consoletype.pp -i /usr/share/selinux/refpolicy/courier.pp -i /usr/share/selinux/refpolicy/cpucontrol.pp -i /usr/share/selinux/refpolicy/cron.pp -i /usr/share/selinux/refpolicy/cups.pp -i /usr/share/selinux/refpolicy/cvs.pp -i 
/usr/share/selinux/refpolicy/cyrus.pp -i /usr/share/selinux/refpolicy/daemontools.pp -i /usr/share/selinux/refpolicy/dante.pp -i /usr/share/selinux/refpolicy/dbskk.pp -i /usr/share/selinux/refpolicy/dbus.pp -i /usr/share/selinux/refpolicy/dcc.pp -i /usr/share/selinux/refpolicy/ddclient.pp -i /usr/share/selinux/refpolicy/ddcprobe.pp -i /usr/share/selinux/refpolicy/dhcp.pp -i /usr/share/selinux/refpolicy/dictd.pp -i /usr/share/selinux/refpolicy/distcc.pp -i /usr/share/selinux/refpolicy/djbdns.pp -i /usr/share/selinux/refpolicy/dmesg.pp -i /usr/share/selinux/refpolicy/dmidecode.pp -i /usr/share/selinux/refpolicy/dnsmasq.pp -i /usr/share/selinux/refpolicy/dovecot.pp -i /usr/share/selinux/refpolicy/dpkg.pp -i /usr/share/selinux/refpolicy/ethereal.pp -i /usr/share/selinux/refpolicy/evolution.pp -i /usr/share/selinux/refpolicy/fail2ban.pp -i /usr/share/selinux/refpolicy/fetchmail.pp -i /usr/share/selinux/refpolicy/finger.pp -i /usr/share/selinux/refpolicy/firstboot.pp -i /usr/share/selinux/refpolicy/fstools.pp -i /usr/share/selinux/refpolicy/ftp.pp -i /usr/share/selinux/refpolicy/games.pp -i /usr/share/selinux/refpolicy/gatekeeper.pp -i /usr/share/selinux/refpolicy/getty.pp -i /usr/share/selinux/refpolicy/gift.pp -i /usr/share/selinux/refpolicy/gnome.pp -i /usr/share/selinux/refpolicy/gpg.pp -i /usr/share/selinux/refpolicy/gpm.pp -i /usr/share/selinux/refpolicy/hal.pp -i /usr/share/selinux/refpolicy/hostname.pp -i /usr/share/selinux/refpolicy/hotplug.pp -i /usr/share/selinux/refpolicy/howl.pp -i /usr/share/selinux/refpolicy/i18n_input.pp -i /usr/share/selinux/refpolicy/imaze.pp -i /usr/share/selinux/refpolicy/inetd.pp -i /usr/share/selinux/refpolicy/init.pp -i /usr/share/selinux/refpolicy/inn.pp -i /usr/share/selinux/refpolicy/ipsec.pp -i /usr/share/selinux/refpolicy/iptables.pp -i /usr/share/selinux/refpolicy/irc.pp -i /usr/share/selinux/refpolicy/ircd.pp -i /usr/share/selinux/refpolicy/irqbalance.pp -i /usr/share/selinux/refpolicy/iscsi.pp -i 
/usr/share/selinux/refpolicy/jabber.pp -i /usr/share/selinux/refpolicy/java.pp -i /usr/share/selinux/refpolicy/kerberos.pp -i /usr/share/selinux/refpolicy/ktalk.pp -i /usr/share/selinux/refpolicy/kudzu.pp -i /usr/share/selinux/refpolicy/ldap.pp -i /usr/share/selinux/refpolicy/libraries.pp -i /usr/share/selinux/refpolicy/loadkeys.pp -i /usr/share/selinux/refpolicy/locallogin.pp -i /usr/share/selinux/refpolicy/lockdev.pp -i /usr/share/selinux/refpolicy/logging.pp -i /usr/share/selinux/refpolicy/logrotate.pp -i /usr/share/selinux/refpolicy/logwatch.pp -i /usr/share/selinux/refpolicy/lpd.pp -i /usr/share/selinux/refpolicy/lvm.pp -i /usr/share/selinux/refpolicy/mailman.pp -i /usr/share/selinux/refpolicy/miscfiles.pp -i /usr/share/selinux/refpolicy/modutils.pp -i /usr/share/selinux/refpolicy/mono.pp -i /usr/share/selinux/refpolicy/monop.pp -i /usr/share/selinux/refpolicy/mount.pp -i /usr/share/selinux/refpolicy/mozilla.pp -i /usr/share/selinux/refpolicy/mplayer.pp -i /usr/share/selinux/refpolicy/mrtg.pp -i /usr/share/selinux/refpolicy/mta.pp -i /usr/share/selinux/refpolicy/munin.pp -i /usr/share/selinux/refpolicy/mysql.pp -i /usr/share/selinux/refpolicy/nagios.pp -i /usr/share/selinux/refpolicy/nessus.pp -i /usr/share/selinux/refpolicy/netlabel.pp -i /usr/share/selinux/refpolicy/netutils.pp -i /usr/share/selinux/refpolicy/networkmanager.pp -i /usr/share/selinux/refpolicy/nis.pp -i /usr/share/selinux/refpolicy/nscd.pp -i /usr/share/selinux/refpolicy/nsd.pp -i /usr/share/selinux/refpolicy/ntop.pp -i /usr/share/selinux/refpolicy/ntp.pp -i /usr/share/selinux/refpolicy/nx.pp -i /usr/share/selinux/refpolicy/oav.pp -i /usr/share/selinux/refpolicy/oddjob.pp -i /usr/share/selinux/refpolicy/openca.pp -i /usr/share/selinux/refpolicy/openct.pp -i /usr/share/selinux/refpolicy/openvpn.pp -i /usr/share/selinux/refpolicy/pcmcia.pp -i /usr/share/selinux/refpolicy/pcscd.pp -i /usr/share/selinux/refpolicy/pegasus.pp -i /usr/share/selinux/refpolicy/perdition.pp -i 
/usr/share/selinux/refpolicy/portage.pp -i /usr/share/selinux/refpolicy/portmap.pp -i /usr/share/selinux/refpolicy/portslave.pp -i /usr/share/selinux/refpolicy/postfix.pp -i /usr/share/selinux/refpolicy/postgresql.pp -i /usr/share/selinux/refpolicy/postgrey.pp -i /usr/share/selinux/refpolicy/ppp.pp -i /usr/share/selinux/refpolicy/prelink.pp -i /usr/share/selinux/refpolicy/privoxy.pp -i /usr/share/selinux/refpolicy/procmail.pp -i /usr/share/selinux/refpolicy/publicfile.pp -i /usr/share/selinux/refpolicy/pxe.pp -i /usr/share/selinux/refpolicy/pyzor.pp -i /usr/share/selinux/refpolicy/qmail.pp -i /usr/share/selinux/refpolicy/quota.pp -i /usr/share/selinux/refpolicy/radius.pp -i /usr/share/selinux/refpolicy/radvd.pp -i /usr/share/selinux/refpolicy/raid.pp -i /usr/share/selinux/refpolicy/razor.pp -i /usr/share/selinux/refpolicy/rdisc.pp -i /usr/share/selinux/refpolicy/readahead.pp -i /usr/share/selinux/refpolicy/remotelogin.pp -i /usr/share/selinux/refpolicy/resmgr.pp -i /usr/share/selinux/refpolicy/rhgb.pp -i /usr/share/selinux/refpolicy/ricci.pp -i /usr/share/selinux/refpolicy/rlogin.pp -i /usr/share/selinux/refpolicy/roundup.pp -i /usr/share/selinux/refpolicy/rpc.pp -i /usr/share/selinux/refpolicy/rpcbind.pp -i /usr/share/selinux/refpolicy/rpm.pp -i /usr/share/selinux/refpolicy/rshd.pp -i /usr/share/selinux/refpolicy/rssh.pp -i /usr/share/selinux/refpolicy/rsync.pp -i /usr/share/selinux/refpolicy/rwho.pp -i /usr/share/selinux/refpolicy/samba.pp -i /usr/share/selinux/refpolicy/sasl.pp -i /usr/share/selinux/refpolicy/screen.pp -i /usr/share/selinux/refpolicy/selinuxutil.pp -i /usr/share/selinux/refpolicy/sendmail.pp -i /usr/share/selinux/refpolicy/setrans.pp -i /usr/share/selinux/refpolicy/setroubleshoot.pp -i /usr/share/selinux/refpolicy/slocate.pp -i /usr/share/selinux/refpolicy/slrnpull.pp -i /usr/share/selinux/refpolicy/smartmon.pp -i /usr/share/selinux/refpolicy/snmp.pp -i /usr/share/selinux/refpolicy/snort.pp -i /usr/share/selinux/refpolicy/soundserver.pp -i 
/usr/share/selinux/refpolicy/spamassassin.pp -i /usr/share/selinux/refpolicy/speedtouch.pp -i /usr/share/selinux/refpolicy/squid.pp -i /usr/share/selinux/refpolicy/ssh.pp -i /usr/share/selinux/refpolicy/storage.pp -i /usr/share/selinux/refpolicy/stunnel.pp -i /usr/share/selinux/refpolicy/su.pp -i /usr/share/selinux/refpolicy/sudo.pp -i /usr/share/selinux/refpolicy/sxid.pp -i /usr/share/selinux/refpolicy/sysnetwork.pp -i /usr/share/selinux/refpolicy/sysstat.pp -i /usr/share/selinux/refpolicy/tcpd.pp -i /usr/share/selinux/refpolicy/telnet.pp -i /usr/share/selinux/refpolicy/tftp.pp -i /usr/share/selinux/refpolicy/thunderbird.pp -i /usr/share/selinux/refpolicy/timidity.pp -i /usr/share/selinux/refpolicy/tmpreaper.pp -i /usr/share/selinux/refpolicy/tor.pp -i /usr/share/selinux/refpolicy/transproxy.pp -i /usr/share/selinux/refpolicy/tripwire.pp -i /usr/share/selinux/refpolicy/tvtime.pp -i /usr/share/selinux/refpolicy/tzdata.pp -i /usr/share/selinux/refpolicy/ucspitcp.pp -i /usr/share/selinux/refpolicy/udev.pp -i /usr/share/selinux/refpolicy/uml.pp -i /usr/share/selinux/refpolicy/unconfined.pp -i /usr/share/selinux/refpolicy/updfstab.pp -i /usr/share/selinux/refpolicy/uptime.pp -i /usr/share/selinux/refpolicy/usbmodules.pp -i /usr/share/selinux/refpolicy/userdomain.pp -i /usr/share/selinux/refpolicy/userhelper.pp -i /usr/share/selinux/refpolicy/usermanage.pp -i /usr/share/selinux/refpolicy/usernetctl.pp -i /usr/share/selinux/refpolicy/uucp.pp -i /usr/share/selinux/refpolicy/uwimap.pp -i /usr/share/selinux/refpolicy/vbetool.pp -i /usr/share/selinux/refpolicy/vmware.pp -i /usr/share/selinux/refpolicy/vpn.pp -i /usr/share/selinux/refpolicy/watchdog.pp -i /usr/share/selinux/refpolicy/webalizer.pp -i /usr/share/selinux/refpolicy/wine.pp -i /usr/share/selinux/refpolicy/xen.pp -i /usr/share/selinux/refpolicy/xfs.pp -i /usr/share/selinux/refpolicy/xprint.pp -i /usr/share/selinux/refpolicy/xserver.pp -i /usr/share/selinux/refpolicy/xwindows.pp -i 
/usr/share/selinux/refpolicy/yam.pp -i /usr/share/selinux/refpolicy/zabbix.pp -i /usr/share/selinux/refpolicy/zebra.pp
> > > > make: *** [load] Segmentation fault
> > >
> > > If I rebuild with CFLAGS+=-g and try again, now I get:
> > > libsepol.print_missing_requirements: xwindows's global requirements were not met: common httpd_can_network_relay
> > > libsemanage.semanage_link_sandbox: Link packages failed
> > > /usr/sbin/semodule: Failed!
> >
> > And if I run that under valgrind, I get:
> > ==5617== Conditional jump or move depends on uninitialised value(s)
> > ==5617== at 0x4036DC8: print_missing_requirements (link.c:1857)
> > ==5617== by 0x40371CE: enable_avrules (link.c:1941)
> > ==5617== by 0x4038246: link_modules (link.c:2226)
> > ==5617== by 0x403A687: sepol_link_packages (module.c:302)
> > ==5617== by 0x408FEDA: semanage_link_sandbox (semanage_store.c:1605)
> > ==5617== by 0x4082AC6: semanage_direct_commit (direct_api.c:509)
> > ==5617== by 0x4087234: semanage_commit (handle.c:254)
> > ==5617== by 0x8049C02: main (semodule.c:452)
> > ==5617==
> > ==5617== Use of uninitialised value of size 4
> > ==5617== at 0x4036F1B: print_missing_requirements (link.c:1873)
> > ==5617== by 0x40371CE: enable_avrules (link.c:1941)
> > ==5617== by 0x4038246: link_modules (link.c:2226)
> > ==5617== by 0x403A687: sepol_link_packages (module.c:302)
> > ==5617== by 0x408FEDA: semanage_link_sandbox (semanage_store.c:1605)
> > ==5617== by 0x4082AC6: semanage_direct_commit (direct_api.c:509)
> > ==5617== by 0x4087234: semanage_commit (handle.c:254)
> > ==5617== by 0x8049C02: main (semodule.c:452)
> > ==5617==
> > ==5617== Use of uninitialised value of size 4
> > ==5617== at 0x4036F2E: print_missing_requirements (link.c:1873)
> > ==5617== by 0x40371CE: enable_avrules (link.c:1941)
> > ==5617== by 0x4038246: link_modules (link.c:2226)
> > ==5617== by 0x403A687: sepol_link_packages (module.c:302)
> > ==5617== by 0x408FEDA: semanage_link_sandbox (semanage_store.c:1605)
> > ==5617== by 0x4082AC6: semanage_direct_commit (direct_api.c:509)
> > ==5617== by 0x4087234: semanage_commit (handle.c:254)
> > ==5617== by 0x8049C02: main (semodule.c:452)
> > ==5617==
> > ==5617== Invalid read of size 4
> > ==5617== at 0x4036F2E: print_missing_requirements (link.c:1873)
> > ==5617== by 0x40371CE: enable_avrules (link.c:1941)
> > ==5617== by 0x4038246: link_modules (link.c:2226)
> > ==5617== by 0x403A687: sepol_link_packages (module.c:302)
> > ==5617== by 0x408FEDA: semanage_link_sandbox (semanage_store.c:1605)
> > ==5617== by 0x4082AC6: semanage_direct_commit (direct_api.c:509)
> > ==5617== by 0x4087234: semanage_commit (handle.c:254)
> > ==5617== by 0x8049C02: main (semodule.c:452)
> > ==5617== Address 0xFCE0AD4 is 4 bytes before a block of size 16 alloc'd
> > ==5617== at 0x4005525: malloc (vg_replace_malloc.c:149)
> > ==5617== by 0x404116C: policydb_index_classes (policydb.c:686)
> > ==5617== by 0x40380F8: link_modules (link.c:2217)
> > ==5617== by 0x403A687: sepol_link_packages (module.c:302)
> > ==5617== by 0x408FEDA: semanage_link_sandbox (semanage_store.c:1605)
> > ==5617== by 0x4082AC6: semanage_direct_commit (direct_api.c:509)
> > ==5617== by 0x4087234: semanage_commit (handle.c:254)
> > ==5617== by 0x8049C02: main (semodule.c:452)
> > ==5617==
> > ==5617== Use of uninitialised value of size 4
> > ==5617== at 0x4036F35: print_missing_requirements (link.c:1873)
> > ==5617== by 0x40371CE: enable_avrules (link.c:1941)
> > ==5617== by 0x4038246: link_modules (link.c:2226)
> > ==5617== by 0x403A687: sepol_link_packages (module.c:302)
> > ==5617== by 0x408FEDA: semanage_link_sandbox (semanage_store.c:1605)
> > ==5617== by 0x4082AC6: semanage_direct_commit (direct_api.c:509)
> > ==5617== by 0x4087234: semanage_commit (handle.c:254)
> > ==5617== by 0x8049C02: main (semodule.c:452)
> > libsepol.print_missing_requirements: xwindows's global requirements were not met: common (null) Is a directory.
> > libsemanage.semanage_link_sandbox: Link packages failed Is a directory.
> > /usr/sbin/semodule: Failed!
>
> Line 1746 of link.c returns 0 without setting req->symbol_type and
> req->symbol_value?
>
> id was x_window.

If I simply remove those two lines from libsepol such that it falls through to looking up the permission and setting up the req structure properly before returning 0, I get:
libsepol.print_missing_requirements: xwindows's global requirements were not met: class x_window, permission all_x_window_perms
libsemanage.semanage_link_sandbox: Link packages failed

And indeed those symbols appear in the module but are not defined by security_classes or access_vectors.

Modified Paths:
--------------
    trunk/libsepol/src/link.c

Modified: trunk/libsepol/src/link.c
===================================================================
--- trunk/libsepol/src/link.c 2007-10-05 17:49:15 UTC (rev 2644) +++ trunk/libsepol/src/link.c 2007-10-11 20:14:02 UTC (rev 2645) @@ -1742,8 +1742,6 @@ id); return -1; } - if (scope->scope == SCOPE_REQ) - return 0; fparg.valuep = perm_value; fparg.key = NULL;

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
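Review bot: the two removed lines are the early `return 0` that the log message identifies (link.c line 1746 returning without setting req->symbol_type and req->symbol_value), and the valgrind trace shows print_missing_requirements then reading those fields uninitialised at link.c:1857 and 1873, so the fix depends on the code after `fparg.valuep = perm_value;` filling in the req structure for the SCOPE_REQ case before any later return 0. The hunk does not show that path, only the log's after-fix output ("class x_window, permission all_x_window_perms") demonstrates it works; a regression module that requires a class permission missing from security_classes/access_vectors would pin that diagnostic and catch the uninitialised read if it reappears.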
From: <ssm...@us...> - 2007-11-05 19:09:12
Revision: 2674
http://selinux.svn.sourceforge.net/selinux/?rev=2674&view=rev
Author: ssmalley
Date: 2007-11-05 11:09:04 -0800 (Mon, 05 Nov 2007)

Log Message:
-----------
Don't allow self aliasing of types, not that there is anything wrong with that.

Modified Paths:
--------------
    trunk/libsepol/src/link.c

Modified: trunk/libsepol/src/link.c
===================================================================
--- trunk/libsepol/src/link.c 2007-11-05 19:08:25 UTC (rev 2673) +++ trunk/libsepol/src/link.c 2007-11-05 19:09:04 UTC (rev 2674) @@ -696,6 +696,12 @@ return -1; } + if (!strcmp(id, target_id)) { + ERR(state->handle, "%s: Self aliasing of %s.", + state->cur_mod_name, id); + return -1; + } + base_type = hashtab_search(state->base->p_types.table, id); if (base_type == NULL) { if (state->verbose)
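Review bot: the new check compares the raw identifiers with strcmp before the lookup in state->base->p_types.table, so it rejects only an alias whose name is literally its own target; an alias whose target is itself an alias that resolves to the same underlying type passes this check and would need a second comparison after base_type is resolved, if that case is meant to be rejected too. Returning -1 through ERR() matches the surrounding error handling, so the call sites need no change.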
From: <ssm...@us...> - 2008-05-05 14:44:13
Revision: 2876
http://selinux.svn.sourceforge.net/selinux/?rev=2876&view=rev
Author: ssmalley
Date: 2008-05-05 07:44:10 -0700 (Mon, 05 May 2008)

Log Message:
-----------
Author: Stephen Smalley
Email: sd...@ty...
Subject: segfault using dismod when linking modules
Date: Fri, 02 May 2008 09:45:12 -0400

On Thu, 2008-05-01 at 16:04 -0400, Eric Paris wrote:
> Maybe someone else will know this pretty quickly. I'm attaching a
> tiny little base.conf and base.mod and a tiny test.te and test.mod
> that I built. When I try to link them together I get a segfault
> somewhere through user_fix_callback() -> mls_level_convert()
>
> Anyway, maybe I'll get to looking at it tomorrow, but if anyone else
> who actually understands all of this has a chance to look let me
> know....

Looks like mls_level_convert() falls over dead if passed an "empty" user declaration, which appears to happen when you specify a require on it but not a declaration for it in your module, which is what you do in test.te. Patch below will at least fix the symptom - not sure whether it will yield the expected end result though.

Modified Paths:
--------------
    trunk/libsepol/src/link.c

Modified: trunk/libsepol/src/link.c
===================================================================
--- trunk/libsepol/src/link.c 2008-05-05 14:42:01 UTC (rev 2875) +++ trunk/libsepol/src/link.c 2008-05-05 14:44:10 UTC (rev 2876) @@ -864,6 +864,10 @@ if (!mod->policy->mls) return 0; + /* Required not declared. */ + if (!src->sens) + return 0; + assert(mod->map[SYM_LEVELS][src->sens - 1]); dst->sens = mod->map[SYM_LEVELS][src->sens - 1];
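Review bot: the guard stops the out-of-bounds read that `mod->map[SYM_LEVELS][src->sens - 1]` performs when src->sens is 0 (index -1), but it returns 0 before `dst->sens = ...` runs, so for a required-but-undeclared user the destination level is left with whatever it held before and the caller (user_fix_callback, per the report) gets success with no converted level. Since the log message says this only fixes the symptom, either zero dst here so callers see an explicit empty level, or have the caller skip users that are required but not declared; a one-line comment on why a user can reach this function with sens == 0 would also help the next reader.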