In general this series looks fine.
However, checkpatch.pl is complaining about DOS line endings in your patches:
For example:
ERROR: DOS line endings
#325: FILE: libselinux/src/label_file.h:281:
+^I^Iint alloc_stems = data->alloc_stems * 2 + 16;^M$
On Fri, Apr 13, 2018 at 1:34 PM, Nicolas Io
When load_users() parses an invalid line with an empty level context
(ie. nothing between "level" and "range" keywords), it allocates memory
with malloc(0) and uses it. The behavior of malloc() in this case is
an unspecified behavior: it might return NULL, which would lead to a
segmentation fault.
In cond_expr_to_cil(), when stack_init() fails to allocate a stack, the
function calls stack_pop() with stack = NULL. Then stack_pop()
dereferences the pointer ("if (stack->pos == -1) {"), which is NULL.
Fix this by moving the stack cleaning loop in a "if (stack != NULL)"
block.
This issue is rep
In getconlist.c's main(), "level" is duplicated from an optional
argument without being ever freed. clang's static analyzer warns about
this memory leak.
Free the allocated memory properly in order to remove a warning reported
by clang's static analyzer.
Signed-off-by: Nicolas Iooss
---
libseli
In getconlist.c, main() does not use usercon. Remove this variable.
Signed-off-by: Nicolas Iooss
---
libselinux/utils/getconlist.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/libselinux/utils/getconlist.c b/libselinux/utils/getconlist.c
index abfe2c742bfb..5ac0ca85075c
If store_stem() fails to expand the memory allocated on data->stem_arr,
some things go wrong:
* the memory referenced by "buf" is leaked,
* data->alloc_stems has been increased without data->stem_arr having
been expanded. So the next time store_stem() is called, the function
will behave as if t
Enhance the tests as follows:
1) Determine number of tests to run with current config.
2) Add CALIPSO STREAM tests (DGRAM not supported in kernel. See [1]).
3) Add support for CIPSO TAGS 1 & 2. Closes [2].
4) Run scripts using /bin/sh.
5) Shorten sleep time as more tests.
[1] https://github.com/SE