1 files changed, 0 insertions, 48 deletions

diff --git a/pcr/libsepol/0001-libsepol-cil-Check-for-improper-category-range.patch b/pcr/libsepol/0001-libsepol-cil-Check-for-improper-category-range.patch
deleted file mode 100644
index dc4c07ea5..000000000
--- a/pcr/libsepol/0001-libsepol-cil-Check-for-improper-category-range.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 0763ecb640e0ad527ec21ba1f9bc95174744b12b Mon Sep 17 00:00:00 2001
-From: James Carter <jwcart2@tycho.nsa.gov>
-Date: Tue, 18 Oct 2016 14:17:03 -0400
-Subject: [PATCH] libsepol/cil: Check for improper category range
-
-Nicolas Iooss found while fuzzing secilc with AFL that the following
-policy will cause a segfault.
-
-(category c0)
-(category c1)
-(categoryorder (c0 c1))
-(sensitivity s0)
-(sensitivitycategory s0 (range c1 c0))
-
-The category range "(range c1 c0)" is invalid because c1 comes after c0
-in order.
-
-The invalid range is evaluated as containing no categories. There is a
-check for the resulting empty list and the category datum expression is
-set to NULL. The segfault occurs because the datum expression is assumed
-to be non-NULL after evaluation.
-
-Add a check for an invalid range when evaluating category ranges.
-
-Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
----
- libsepol/cil/src/cil_post.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libsepol/cil/src/cil_post.c b/libsepol/cil/src/cil_post.c
-index f8447c981486..caf3321d09e1 100644
---- a/libsepol/cil/src/cil_post.c
-+++ b/libsepol/cil/src/cil_post.c
-@@ -952,6 +952,11 @@ static int __cil_cat_expr_range_to_bitmap_helper(struct cil_list_item *i1, struc
- 		c2 = alias->actual;
- 	}
- 
-+	if (c1->value > c2->value) {
-+		cil_log(CIL_ERR, "Invalid category range\n");
-+		goto exit;
-+	}
-+
- 	for (i = c1->value; i <= c2->value; i++) {
- 		if (ebitmap_set_bit(bitmap, i, 1)) {
- 			cil_log(CIL_ERR, "Failed to set cat bit\n");
--- 
-2.10.2
-