| 554b7e4e82ee4b23155ade680c985e2f657c208a |
|
03-May-2017 |
Sandeep Patil <sspatil@google.com> |
Revert "Revert "move file_context APIs out of libselinux_vendor""
This reverts commit 379af6c574b0981035f6f42e3130652d7c3ba789.
Also make sure label_file.c is compiled in all targets that libselinux
is built for.
Bug: 37343404
Bug: 37919668
Test: Build and boot
Change-Id: I7e06ad6cad13d157ba1fb6bfd23ce9ceddf3ba79
Signed-off-by: Sandeep Patil <sspatil@google.com>
/external/selinux/libselinux/src/label.c
|
| 379af6c574b0981035f6f42e3130652d7c3ba789 |
|
03-May-2017 |
Nick Kralevich <nnk@google.com> |
Revert "move file_context APIs out of libselinux_vendor"
MAC builds have the following compile error:
Undefined symbols for architecture x86_64:
"_selabel_file_init", referenced from:
_initfuncs in label.o
ld: symbol(s) not found for architecture x86_64
clang.real: error: linker command failed with exit code 1 (use -v to see invocation)
Reverting patchset.
This reverts commit 17430be32e2b6b5fd90b95057159a2a65ea790f5.
Test: code compiles
Change-Id: If6a5182f2b42a5de637d8867979906685a21e165
/external/selinux/libselinux/src/label.c
|
| 17430be32e2b6b5fd90b95057159a2a65ea790f5 |
|
01-May-2017 |
Sandeep Patil <sspatil@google.com> |
move file_context APIs out of libselinux_vendor
libselinux_vendor does not need any file_context handling and so make
those APIs part of platform libselinux and remove them out of vendor.
This will also let us remove the PCRE2 dependency from libselinux_vendor
Bug: 37343404
Test: Build and boot
Change-Id: I7aa3c03e471fc1cf130270c922d2f0922ee87e3a
Signed-off-by: Sandeep Patil <sspatil@google.com>
/external/selinux/libselinux/src/label.c
|
| 2cc30d6029d52690bf01b2dc4a04d8af3a49261f |
|
12-Apr-2017 |
Jeff Vander Stoep <jeffv@google.com> |
Merge remote-tracking branch 'aosp/upstream-master' into mymerge
Bug: 36508258
Test: build and boot Marlin.
Change-Id: Ic5f92ad304dca23ddbfaaffd86489f3a556f9a1e
|
| 64afa1aff1cd610d2493f780e2a44b551f668b84 |
|
11-Dec-2016 |
Nick Kralevich <nnk@google.com> |
libselinux: add O_CLOEXEC
Makes libselinux safer and less likely to leak file descriptors when
used as part of a multithreaded program.
Signed-off-by: Nick Kralevich <nnk@google.com>
/external/selinux/libselinux/src/label.c
|
| 55b5b7a646589f2eb3b77ab4f58ccc1d2b010727 |
|
07-Apr-2017 |
Nicolas Iooss <nicolas.iooss@m4x.org> |
libselinux: do not dereference a NULL pointer when calloc() fails
selabel_is_digest_set() contains the following code:
digest = calloc(1, sizeof(*digest));
if (!digest)
goto err;
/* ... */
err:
free(digest->digest);
If calloc() failed, digest is NULL but is dereferenced when the
execution jumps to label err.
Check that digest is not NULL before freeing its fields.
This issue has been found using clang's static analyzer.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
/external/selinux/libselinux/src/label.c
|
| 50400d38203e4db08314168e60c281cc61a717a8 |
|
12-Dec-2016 |
dcashman <dcashman@google.com> |
Add ability to specify multiple input files to the selabel_open.
The file_contexts labeling backend, specified in label_file.c, currently assumes
that only one path will be specified as an option to selabel_open(). The split
of platform and non-platform policy on device, however, will necessitate the
loading of two disparate policy files. Rather than combining the files and then
calling the existing API on a newly-formed file, just add the ability to specify
multiple files to use. Order of opt specification to selabel_open matters.
update: Fixed a double-free in the original change that caused the
updater to randomly crash during OTA (b/33938747)
Bug: 31363362
Bug: 33938747
Test: Device builds and boots w/no additional denials with split context files.
Test: Angler can successfully finish sideloaded OTA with updater binary
that is with this change
Change-Id: I85cd1525990f6ad054861e62327bd9c2aac03b02
Signed-off-by: Daniel Cashman <dcashman@google.com>
Signed-off-by: Sandeep Patil <sspatil@google.com>
/external/selinux/libselinux/src/label.c
|
| 66e671111140090a1452db969fc2913c9561c10f |
|
30-Dec-2016 |
Tianjie Xu <xunchang@google.com> |
Revert "Add ability to specify multiple input files to the selabel_open."
This reverts commit da7b3079f5053dc233b83c570362cb29db8ab2c5.
Change-Id: I1c9aebcedead1473720ab26102f12d71d7edbee5
/external/selinux/libselinux/src/label.c
|
| da7b3079f5053dc233b83c570362cb29db8ab2c5 |
|
12-Dec-2016 |
dcashman <dcashman@google.com> |
Add ability to specify multiple input files to the selabel_open.
The file_contexts labeling backend, specified in label_file.c, currently assumes
that only one path will be specified as an option to selabel_open(). The split
of platform and non-platform policy on device, however, will necessitate the
loading of two disparate policy files. Rather than combining the files and then
calling the existing API on a newly-formed file, just add the ability to specify
multiple files to use. Order of opt specification to selabel_open matters.
Bug: 31363362
Test: Device builds and boots w/no additional denials with split context files.
Change-Id: I85cd1525990f6ad054861e62327bd9c2aac03b02
/external/selinux/libselinux/src/label.c
|
| e029ace4d92eee8ba0990e1afbe356ae77b114cc |
|
29-Sep-2016 |
Janis Danisevskis <jdanis@android.com> |
libselinux: makes android label back ends configurable
Android label back ends are now configurable by NO_ANDROID_BACKEND,
which is set if on ANDROID_HOST != y.
Signed-off-by: Janis Danisevskis <jdanis@android.com>
/external/selinux/libselinux/src/label.c
|
| 6dd85b9e0e1d0e875263cc8cba3e3d4383974700 |
|
29-Sep-2016 |
Janis Danisevskis <jdanis@android.com> |
libselinux: android: fix lax service context lookup
We use the same lookup function for service contexts
that we use for property contexts. However, property
contexts are namespace based and only compare the
prefix. This may lead to service associations with
a wrong label.
This patch introduces a new back end for android
services with a stricter lookup function. Now the
service name must match the key of the service label
exactly.
Signed-off-by: Janis Danisevskis <jdanis@android.com>
/external/selinux/libselinux/src/label.c
|
| 84d07ebd48c85902c8ac54359f2b345881f64ad2 |
|
26-Sep-2016 |
William Roberts <william.c.roberts@intel.com> |
libselinux: introduce configurable backends
On Android for both the host build, and the target, certain
backends are not needed:
- X Backend
- DB Backend
- Media Backend
Introduce the following defines for removing them from the
built library:
- NO_X_BACKEND
- NO_DB_BACKEND
- NO_MEDIA_BACKEND
When configured with these options and an attempt
is made to use them, selabel_open() will return
ENOTSUP.
Signed-off-by: William Roberts <william.c.roberts@intel.com>
/external/selinux/libselinux/src/label.c
|
| 90c2d42e033f8c83bfb1f236df788287650f8042 |
|
27-Oct-2015 |
William Roberts <william.c.roberts@intel.com> |
libselinux: label_file: fix memory leaks and uninitialized jump
Some error's were reported by valgrind (below) fix them. The test
cases on which these leaks were detected:
1. properly formed file_contexts file.
2. malformed file_contexts file, unknown type.
3. malformed file_contexts file, type that fails on validate callback.
4. malformed file_contexts file, invalid regex.
5. malformed file_contexts file, invalid mode.
==3819== Conditional jump or move depends on uninitialised value(s)
==3819== at 0x12A682: closef (label_file.c:577)
==3819== by 0x12A196: selabel_close (label.c:163)
==3819== by 0x10A2FD: cleanup (checkfc.c:218)
==3819== by 0x5089258: __run_exit_handlers (exit.c:82)
==3819== by 0x50892A4: exit (exit.c:104)
==3819== by 0x10A231: main (checkfc.c:361)
==3819== Uninitialised value was created by a heap allocation
==3819== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3819== by 0x4C2CF1F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3819== by 0x12BB31: process_file (label_file.h:273)
==3819== by 0x12A2BA: selabel_file_init (label_file.c:522)
==3819== by 0x12A0BB: selabel_open (label.c:88)
==3819== by 0x10A038: main (checkfc.c:292)
==3819==
==3819==
==3819== HEAP SUMMARY:
==3819== in use at exit: 729 bytes in 19 blocks
==3819== total heap usage: 21,126 allocs, 21,107 frees, 923,854 bytes allocated
==3819==
==3819== 81 bytes in 1 blocks are definitely lost in loss record 1 of 2
==3819== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3819== by 0x50D5839: strdup (strdup.c:42)
==3819== by 0x12A2A6: selabel_file_init (label_file.c:517)
==3819== by 0x12A0BB: selabel_open (label.c:88)
==3819== by 0x10A038: main (checkfc.c:292)
==3819==
==4238== 40 bytes in 1 blocks are definitely lost in loss record 1 of 6
==4238== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4238== by 0x12A1D2: selabel_file_init (label_file.c:886)
==4238== by 0x12A0BB: selabel_open (label.c:88)
==4238== by 0x10A038: main (checkfc.c:292)
==4238==
==4238== 81 bytes in 1 blocks are definitely lost in loss record 2 of 6
==4238== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4238== by 0x50D5839: strdup (strdup.c:42)
==4238== by 0x12A2A6: selabel_file_init (label_file.c:517)
==4238== by 0x12A0BB: selabel_open (label.c:88)
==4238== by 0x10A038: main (checkfc.c:292)
==4238==
==4238== 386 bytes in 24 blocks are definitely lost in loss record 3 of 6
==4238== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4238== by 0x50D5889: strndup (strndup.c:45)
==4238== by 0x12CDDF: read_spec_entries (label_support.c:37)
==4238== by 0x12B72D: process_file (label_file.h:392)
==4238== by 0x12A2BA: selabel_file_init (label_file.c:522)
==4238== by 0x12A0BB: selabel_open (label.c:88)
==4238== by 0x10A038: main (checkfc.c:292)
==4238==
==4238== 648 bytes in 18 blocks are definitely lost in loss record 4 of 6
==4238== at 0x4C2CC70: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4238== by 0x117C9B: avtab_insert_node (avtab.c:105)
==4238== by 0x117C10: avtab_insert (avtab.c:163)
==4238== by 0x11880A: avtab_read_item (avtab.c:566)
==4238== by 0x118BD3: avtab_read (avtab.c:600)
==4238== by 0x125BDD: policydb_read (policydb.c:3854)
==4238== by 0x109F87: main (checkfc.c:273)
==4238==
==4238== 1,095 bytes in 12 blocks are definitely lost in loss record 5 of 6
==4238== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4238== by 0x12D8D1: pcre_compile2 (pcre_compile.c:9217)
==4238== by 0x12B239: compile_regex (label_file.h:357)
==4238== by 0x12B9C7: process_file (label_file.h:429)
==4238== by 0x12A2BA: selabel_file_init (label_file.c:522)
==4238== by 0x12A0BB: selabel_open (label.c:88)
==4238== by 0x10A038: main (checkfc.c:292)
==4238==
==4238== 1,296 bytes in 12 blocks are definitely lost in loss record 6 of 6
==4238== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4238== by 0x13EBE5: pcre_study (pcre_study.c:1565)
==4238== by 0x12B25D: compile_regex (label_file.h:366)
==4238== by 0x12B9C7: process_file (label_file.h:429)
==4238== by 0x12A2BA: selabel_file_init (label_file.c:522)
==4238== by 0x12A0BB: selabel_open (label.c:88)
==4238== by 0x10A038: main (checkfc.c:292)
Signed-off-by: William Roberts <william.c.roberts@intel.com>
/external/selinux/libselinux/src/label.c
|
| e40bbea95f555fe9708cbbc39895bd67a8ac6c48 |
|
30-Sep-2015 |
Richard Haines <richard_c_haines@btinternet.com> |
libselinux: Add selabel_digest function
selabel_digest(3) if enabled by the SELABEL_OPT_DIGEST option during
selabel_open(3) will return an SHA1 digest of the spec files, plus
a list of the specfiles used to calculate the digest. There is a
test utility supplied that will demonstrate the functionality.
The use case for selabel_digest(3) is to implement an selinux_restorecon
function based on the Android version that writes a hash of the
file_contexts files to an extended attribute to enhance performance
(see external/libselinux/src/android.c selinux_android_restorecon()).
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
/external/selinux/libselinux/src/label.c
|
| 6f295008efd72baac05ecd88587b706e50a77e49 |
|
05-Aug-2015 |
Stephen Smalley <sds@tycho.nsa.gov> |
libselinux: add selabel_cmp interface and label_file backend
Add a selabel_cmp() interface for comparing two label configurations,
and implement it for the file backend (i.e. for file_contexts). This
allows comparing two file_contexts configurations to see if the first
is a subset of, equal/identical to, a superset of, or incomparable to
the second. The motivating use case is to allow comparing two
file_contexts.bin files in Android CTS to confirm that a device
file_contexts.bin file contains all of the entries in the AOSP
general file_contexts.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/external/selinux/libselinux/src/label.c
|
| f2cd2f821fa34e8c7a12744626e19208463aa4e2 |
|
10-Jul-2015 |
Richard Haines <richard_c_haines@btinternet.com> |
libselinux: Add const to selinux_opt for label backends.
Change selabel_open and label backends to take a
'const struct selinux_opt' argument. This work has already
been done for the Android version components.
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
/external/selinux/libselinux/src/label.c
|
| e7f970ffd1a8dbb26051405719a2288d34e856f6 |
|
06-May-2015 |
Richard Haines <richard_c_haines@btinternet.com> |
libselinux: Add selabel partial and best match APIs
Add support for new API functions selabel_partial_match and
selabel_lookup_best_match ported from the Android libselinux
fork.
Add supporting man(3) pages and test utilities: selabel_lookup,
selabel_lookup_best_match and selabel_partial_match.
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/external/selinux/libselinux/src/label.c
|
| 9eb9c9327563014ad6a807814e7975424642d5b9 |
|
19-Feb-2014 |
Stephen Smalley <sds@tycho.nsa.gov> |
Get rid of security_context_t and fix const declarations.
In attempting to enable building various part of Android with -Wall -Werror,
we found that the const security_context_t declarations in libselinux
are incorrect; const char * was intended, but const security_context_t
translates to char * const and triggers warnings on passing
const char * from the caller. Easiest fix is to replace them all with
const char *. And while we are at it, just get rid of all usage of
security_context_t itself as it adds no value - there is no true
encapsulation of the security context strings and callers already
directly use string functions on them. typedef left to permit
building legacy users until such a time as all are updated.
This is a port of Change-Id I2f9df7bb9f575f76024c3e5f5b660345da2931a7
from Android, augmented to deal with all of the other code in upstream
libselinux and updating the man pages too.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Eric Paris <eparis@redhat.com>
/external/selinux/libselinux/src/label.c
|
| 22671378f1ace857be4697a3b3aaf1645076d398 |
|
09-Oct-2013 |
Dan Walsh <dwalsh@redhat.com> |
Fix label substituion to work with the equiv path of "/"
Software collections are setting up equiv directories to the root directory.
/external/selinux/libselinux/src/label.c
|
| fd56c5230cea6b81fbe74d1d0a228936a6797923 |
|
09-Oct-2013 |
Dan Walsh <dwalsh@redhat.com> |
Separate out the calling of local subs and dist subs in selabel_sub
We want to allow users to setup their substitions to run fist and then run
the distro subs second. This fixes the problem where a user defines
a sub like /usr/local/foobar and we ignore it. We need this for
software collections which is setting up local subs of /opt/src/foobar/root /
/external/selinux/libselinux/src/label.c
|
| cfc492cf11e1b641e2a0478907d56a17b771a067 |
|
31-May-2012 |
rpcraig <rpcraig@tycho.ncsc.mil> |
libselinux: New Android property labeling backend
This is already in the android repo. This is here to prevent potential
conflicts of the selabel indices, and possibly with an eye toward an eventual
reunification of the two libselinuxes down the road.
Reviewed-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/src/label.c
|
| 2ca19f3f676a2747a38cf2d7dcf5037ccc8a9eb1 |
|
25-May-2012 |
Dan Walsh <dwalsh@redhat.com> |
libselinux: asprintf return code must be checked
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/src/label.c
|
| 16a37c9f94c1e2dfb865e17e4200d2824d4971f5 |
|
19-Dec-2011 |
Richard Haines <richard_c_haines@btinternet.com> |
libselinux - correct selabel invalid context logging
When selabel_lookup found an invalid context with validation enabled, it
always stated it was 'file_contexts' whether media, x, db or file.
The fix is to store the spec file name in the selabel_lookup_rec on
selabel_open and use this as output for logs. Also a minor fix if key is
NULL to stop seg faults.
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/src/label.c
|
| 023c9c1fdee963606d830b70db108bd9031390f4 |
|
03-Oct-2011 |
Eric Paris <eparis@redhat.com> |
libselinux: label: cosmetic cleanups
Return early to save an indent. Clean up all memory on ENOMEM
conditions. Use '\0' instead of 0 for nul terminiator. Style changes
to make Eric happy.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/src/label.c
|
| 441cf2ea924c13ed5002012aadd128f71d9e9c9d |
|
18-Apr-2011 |
Richard Haines <richard_c_haines@btinternet.com> |
libselinux: selabel_open fix processing of substitution files
libselinux selabel_open function always processed the substitution files (if
installed) from the active policy contexts/files/file_contexts.subs and
subs_dist irrespective of the backend type or SELABEL_OPT_PATH setting. This
patch now processes the correct subs files when selabel_open is called with
SELABEL_CTX_FILE. The other backends could also process their own substitution
files if needed in their own areas.
[move the init declaration to label_internal.h - eparis]
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/src/label.c
|
| 20b43b3fd3d392c4f12a963a4e46c264e7ed5163 |
|
06-Apr-2011 |
Daniel J Walsh <dwalsh@redhat.com> |
This patch adds a new subs_dist file.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The idea is to allow distributions to ship a subs file as well as let
the user modify subs.
In F16 we are looking at shipping a
file_contexts.subs_dist file like this
cat file_contexts.subs_dist
/run /var/run
/run/lock /var/lock
/var/run/lock /var/lock
/lib64 /lib
/usr/lib64 /usr/lib
The we will remove all (64)? from policy.
This will allow us to make sure all /usr/lib/libBLAH is labeled the same
as /usr/lib64/libBLAH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2c1ksACgkQrlYvE4MpobNXcQCgqgAiQJxmwa1+NdIq8E3tQRp6
QT0An0ihA60di9CRsEqEdVbSaHOwtte5
=LXgd
-----END PGP SIGNATURE-----
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libselinux/src/label.c
|
| a00fd94a46e92a233f4e613660e9962918f28207 |
|
03-Dec-2010 |
Eamon Walsh <ewalsh@tycho.nsa.gov> |
selabel: Store substitution data in the handle instead of globally.
This is for thread safety.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
/external/selinux/libselinux/src/label.c
|
| 70aeeb918aa721ad90ed8e1b433a55c8ecf2cb83 |
|
15-Mar-2010 |
Eamon Walsh <ewalsh@tycho.nsa.gov> |
This patch allows selabel_*() interfaces to provide an expected security context
for the given database object identified by its name and object class.
It is necessary to implement a feature something like the restorecon on databases.
The specfile shall be described as follows:
------------------------
#
# The specfile for database objects
# (for SE-PostgreSQL)
#
# <object class> <object name> <security context>
#
db_database * system_u:object_r:sepgsql_db_t:s0
db_schema *.pg_catalog system_u:obejct_r:sepgsql_sys_schema_t:s0
db_schema *.* system_u:object_r:sepgsql_schema_t:s0
db_table *.pg_catalog.* system_u:object_r:sepgsql_sysobj_t:s0
db_table *.*.* system_u:object_r:sepgsql_table_t:s0
------------------------
- All the characters after the '#' are ignored.
- Wildcards ('*' and '?') are available.
- It returns the first match security context.
Note that hierarchy of the namespace of database objects depends on RDBMS.
So, author of the specfile needs to write correct patterns which are suitable
for the target RDBMS. The patched selabel_*() interfaces don't have any
heuristics for the namespace hierarchy to be suitable for widespread RDBMSs.
In the case of SE-PgSQL, when we lookup an expected security context for the
'my_table' table in the 'public' schema and 'postgres' database, the caller
shall provide 'postgres.public.my_table' as a key.
In the default, it tries to read a specfile which maps database objects and security
context from the /etc/selinux/$POLICYTYPE/contexts/sepgsql_contexts.
Note that when another RDBMS uses this interface, it needs to give an explicit
SELABEL_OPT_PATH option on the selabel_open().
Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Acked-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
/external/selinux/libselinux/src/label.c
|
| 20271d94ed2b26b94b052ba6ed90b63566cecbb7 |
|
04-Jun-2009 |
Daniel J Walsh <dwalsh@redhat.com> |
Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: SELinux context patch
Date: Mon, 18 May 2009 14:16:12 -0400
This patch adds context files for virtual_domain and virtual_image,
these are both being used to locat the default context to be executed by
svirt.
I also included the subs patch which I submitted before. This patch
allows us to substitute prefixes to matchpathcon.
So we can say /export/home == /home
and
/web == /var/www
Author: Chad Sellers
Email: csellers@tresys.com
Flipped free()'s in original patch when strdup'd fail to proper order.
Signed-off-by: Chad Sellers <csellers@tresys.com>
/external/selinux/libselinux/src/label.c
|
| 13cd4c8960688af11ad23b4c946149015c80d549 |
|
19-Aug-2008 |
Joshua Brindle <method@manicmethod.com> |
initial import from svn trunk revision 2950
/external/selinux/libselinux/src/label.c
|