topjohnwu/selinux
1
0
Fork 0
mirror of https://github.com/topjohnwu/selinux.git synced 2024-12-11 13:26:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
9c26043af6
selinux/libsepol
History
James Carter 61fbdce666 libsepol/cil: Check for self-referential loops in sets 
The secilc-fuzzer found a self-referential loop using category sets.
Any set declaration in CIL that allows sets in it is susceptible to
the creation of a self-referential loop. There is a check, but only
for the name of the set being declared being used in the set
declaration.

Check for self-refential loops in user, role, and type attributes
and in category sets. Since all of the sets need to be declared,
this check has to be done when verifying the CIL db before doing
the post phase.

Signed-off-by: James Carter <jwcart2@gmail.com>
2021-05-13 10:55:34 -04:00
..
cil libsepol/cil: Check for self-referential loops in sets 2021-05-13 10:55:34 -04:00
include libsepol: Create function ebitmap_highest_set_bit() 2021-02-19 16:30:11 +01:00
man selinux: Update manpages after removing legacy boolean and user code 2019-07-29 23:46:47 +02:00
src libsepol: use checked arithmetic builtin to perform safe addition 2021-04-30 21:09:36 +02:00
tests libsepol/tests: drop ncurses dependency 2020-05-04 10:31:44 +02:00
utils libsepol: build: follow standard semantics for DESTDIR and PREFIX 2018-02-14 15:59:36 +01:00
.gitignore libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
COPYING initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
VERSION Update VERSIONs to 3.2 for release. 2021-03-04 16:42:59 +01:00