diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2012-10-02 12:47:51 -0400 |
---|---|---|
committer | Stephen Smalley <sds@tycho.nsa.gov> | 2012-10-02 12:47:51 -0400 |
commit | 61e917ad2f1fbf39b3205d7568fcd3684b0ccda6 (patch) | |
tree | 3792b3403d2f51b5f567b73560d9923bb4194e27 | |
parent | 525a22446b011415038e3c4b213ba691286f28a5 (diff) | |
download | libselinux-61e917ad2f1fbf39b3205d7568fcd3684b0ccda6.tar.gz |
Apply context validation when loading file_contexts.tools_r21
Change-Id: I7c0bdca5c9a1ffe428200a830c1b706fc8ed9675
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
-rw-r--r-- | src/label_file.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/label_file.c b/src/label_file.c index c4cf9d3..4446a54 100644 --- a/src/label_file.c +++ b/src/label_file.c @@ -375,6 +375,14 @@ static int process_line(struct selabel_handle *rec, skip_type: spec_arr[nspec].lr.ctx_raw = strdup(context); + if (strcmp(context, "<<none>>") && rec->validating) { + if (selabel_validate(rec, &spec_arr[nspec].lr) < 0) { + selinux_log(SELINUX_WARNING, + "%s: line %d has invalid context %s\n", + path, lineno, spec_arr[nspec].lr.ctx_raw); + } + } + /* Determine if specification has * any meta characters in the RE */ spec_hasMetaChars(&spec_arr[nspec]); |