Package: libsepol1 Version: 1.14-2 Severity: important libsepol uses a static unsigned char buffer to read data into when reading from file (private.h: next_entry). The pointer to this buffer is returned and is later casted to a uint32_t pointer (module.c: module_package_read_offsets).
The problem with this is that the pointer is not 4-bytes align resulting in the address being used to read the first 4 bytes is not xxxxxxxD but xxxxxxxC so the 4 bytes read will be a random byte and then the first three bytes from the file. This means that the magic number in selinux module files doesn't match and selinux is effectivly unusable on arm. The patch below fixes the problem. Please consider releasing an updated version to etch since selinux is not usable without it. Thanks, Erik Johansson --- private.h~ 2006-06-29 20:21:13.000000000 +0200 +++ private.h 2007-08-25 15:12:14.000000000 +0200 @@ -36,7 +36,7 @@ /* Reading from a policy "file". */ static inline void *next_entry(struct policy_file *fp, size_t bytes) { - static unsigned char buffer[BUFSIZ]; + static unsigned char buffer[BUFSIZ] __attribute__ ((aligned)); size_t nread; if (bytes > sizeof buffer) -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: arm (armv5tel) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-5-ixp4xx Locale: LANG=en_DK.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8) Versions of packages libsepol1 depends on: ii libc6 2.3.6.ds1-13etch2 GNU C Library: Shared libraries libsepol1 recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]