tequilaOS/platform_external_selinux
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

libsepol: do not call a NULL function in additive_scopes_to_cil()

Browse source 
When hll/pp operates on an invalid policy module which defines blocks
with non-empty decl->symtab[SYM_COMMONS], additive_scopes_to_cil_map()
calls func_to_cil[SYM_COMMONS], which is NULL.

In additive_scopes_to_cil(), filter out NULL elements of func_to_cil
before calling additive_scopes_to_cil_map().

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
This commit is contained in:
Nicolas Iooss 2016-11-22 23:23:38 +01:00 committed by Stephen Smalley
parent 8f9057c2ea
commit 52b3b625b6
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
libsepol/src/module_to_cil.c
View file

@ -3530,6 +3530,9 @@ static int additive_scopes_to_cil(int indent, struct policydb *pdb, struct avrul
struct avrule_decl *decl = stack_peek(decl_stack); struct avrule_decl *decl = stack_peek(decl_stack);
for (args.sym_index = 0; args.sym_index < SYM_NUM; args.sym_index++) { for (args.sym_index = 0; args.sym_index < SYM_NUM; args.sym_index++) {
if (func_to_cil[args.sym_index] == NULL) {
continue;
}
rc = hashtab_map(decl->symtab[args.sym_index].table, additive_scopes_to_cil_map, &args); rc = hashtab_map(decl->symtab[args.sym_index].table, additive_scopes_to_cil_map, &args);
if (rc != 0) { if (rc != 0) {
goto exit; goto exit;