mirror of
https://github.com/topjohnwu/selinux.git
synced 2024-12-03 09:00:51 +00:00
685f577aa0
CIL was not correctly determining the depth of constraint expressions which prevented it from giving an error when the max depth was exceeded. This allowed invalid policy binaries with constraint expressions exceeding the max depth to be created. Validate the constraint expression using the same logic that is used when reading the binary policy. This includes checking the depth of the the expression. Reported-by: Jonathan Hettwer <j2468h@gmail.com> Signed-off-by: James Carter <jwcart2@gmail.com> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com> |
||
|---|---|---|
| .. | ||
| cil | ||
| include | ||
| man | ||
| src | ||
| tests | ||
| utils | ||
| .gitignore | ||
| COPYING | ||
| Makefile | ||
| VERSION | ||