From 058dbc84ac7ec06befb71986750b00d5a3211527 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Mar 27 2006 22:04:50 +0000
Subject: - Upgrade to latest from NSA

Fixed attr_convert_callback and expand_convert_type_set typemap bug.

---

diff --git a/.cvsignore b/.cvsignore
index 8dfc44c..25606e6 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -90,3 +90,4 @@ libsepol-1.11.20.tgz
 libsepol-1.12.tgz
 libsepol-1.12.1.tgz
 libsepol-1.12.2.tgz
+libsepol-1.12.3.tgz
diff --git a/libsepol-rhat.patch b/libsepol-rhat.patch
index 06372db..ecc6ac4 100644
--- a/libsepol-rhat.patch
+++ b/libsepol-rhat.patch
@@ -1,55 +1,47 @@
-diff --exclude-from=exclude -N -u -r nsalibsepol/src/libsepol.map libsepol-1.11.1/src/libsepol.map
---- nsalibsepol/src/libsepol.map	2005-11-15 08:06:55.000000000 -0500
-+++ libsepol-1.11.1/src/libsepol.map	2005-12-27 11:07:34.000000000 -0500
-@@ -4,6 +4,7 @@
- 	sepol_bool_*; sepol_genbools*; 
- 	sepol_context*; sepol_check_context;
- 	sepol_iface_*; 
-+	sepol_port_*;
- 	sepol_user_*; sepol_genusers; sepol_set_delusers;
- 	sepol_msg_*; sepol_debug;
- 	sepol_handle_*;
-diff --exclude-from=exclude -N -u -r nsalibsepol/src/port_record.c libsepol-1.11.1/src/port_record.c
---- nsalibsepol/src/port_record.c	2005-11-01 17:32:59.000000000 -0500
-+++ libsepol-1.11.1/src/port_record.c	2005-12-27 11:07:34.000000000 -0500
-@@ -84,8 +84,8 @@
- 	sepol_port_t* port, 
- 	sepol_port_key_t* key) {
+diff -u -p -r1.5 ebitmap.c
+--- libsepol/src/ebitmap.c	7 Oct 2005 20:10:15 -0000	1.5
++++ libsepol/src/ebitmap.c	27 Mar 2006 21:13:45 -0000
+@@ -12,6 +12,7 @@
+ #include <sepol/policydb/ebitmap.h>
+ #include <sepol/policydb/policydb.h>
  
--	if ((port->low <= key->low) && 
--	    (port->high >= key->high) &&
-+	if ((port->low == key->low) && 
-+	    (port->high == key->high) &&
- 	    (port->proto == key->proto))
- 		return 0;
++#include "debug.h"
+ #include "private.h"
  
-diff --exclude-from=exclude -N -u -r nsalibsepol/src/ports.c libsepol-1.11.1/src/ports.c
---- nsalibsepol/src/ports.c	2005-11-04 15:37:13.000000000 -0500
-+++ libsepol-1.11.1/src/ports.c	2005-12-27 11:07:34.000000000 -0500
-@@ -182,7 +182,7 @@
- 		int low2 = c->u.port.low_port;
- 		int high2 = c->u.port.high_port;
+ int ebitmap_or(ebitmap_t * dst, ebitmap_t * e1, ebitmap_t * e2)
+@@ -182,6 +183,10 @@ int ebitmap_set_bit(ebitmap_t * e, unsig
+ {
+ 	ebitmap_node_t *n, *prev, *new;
  
--		if (proto == proto2 && low2 <= low && high2 >= high) {
-+		if (proto == proto2 && low2 == low && high2 == high) {
- 			*response = 1;
- 			return STATUS_SUCCESS;
- 		}
-@@ -220,7 +220,7 @@
- 		int low2 = c->u.port.low_port;
- 		int high2 = c->u.port.high_port;
++	if (bit == (unsigned int)-1) {
++		ERR(NULL, "negative bit position.");
++		return -EINVAL;
++	}
  
--		if (proto == proto2 && low2 <= low && high2 >= high) {
-+		if (proto == proto2 && low2 == low && high2 == high) {
- 			if (port_to_record(handle, policydb, c, response) < 0)
- 				goto err;
- 			return STATUS_SUCCESS;
-@@ -263,7 +263,7 @@
- 		int low2 = c->u.port.low_port;
- 		int high2 = c->u.port.high_port;
- 
--		if (proto == proto2 && low2 <= low && high2 >= high) {
-+		if (proto == proto2 && low2 == low && high2 == high) {
- 
- 			/* Replace */
- 			port->next = c->next;
+ 	prev = 0;
+ 	n = e->node;
+Index: libsepol/src/expand.c
+===================================================================
+RCS file: /nfshome/pal/CVS/selinux-usr/libsepol/src/expand.c,v
+retrieving revision 1.23
+diff -u -p -r1.23 expand.c
+--- libsepol/src/expand.c	13 Feb 2006 13:59:54 -0000	1.23
++++ libsepol/src/expand.c	27 Mar 2006 21:17:21 -0000
+@@ -138,6 +138,8 @@ static int attr_convert_callback(hashtab
+ 	ebitmap_for_each_bit(&type->types, node, i) {
+ 		if (!ebitmap_node_get_bit(node, i))
+ 			continue; 
++		if (!state->typemap[i])
++			continue;
+ 		if (ebitmap_set_bit(&new_type->types,
+ 				    state->typemap[i]-1, 1)) {
+ 			ERR (state->handle, "out of memory");
+@@ -1441,6 +1443,8 @@ int expand_convert_type_set(policydb_t *
+ 	ebitmap_for_each_bit(&tmp, tnode, i) {                
+                 if (!ebitmap_node_get_bit(tnode, i))
+                         continue;
++		if (!typemap[i])
++			continue;
+                 if (ebitmap_set_bit(types, typemap[i] - 1, 1))
+                         return -1;
+         }
diff --git a/libsepol.spec b/libsepol.spec
index bc66300..1cd3104 100644
--- a/libsepol.spec
+++ b/libsepol.spec
@@ -1,6 +1,6 @@
 Summary: SELinux binary policy manipulation library 
 Name: libsepol
-Version: 1.12.2
+Version: 1.12.3
 Release: 1
 License: GPL
 Group: System Environment/Libraries
@@ -80,6 +80,11 @@ exit 0
 %{_includedir}/sepol/policydb/*.h
 
 %changelog
+* Mon Mar 27 2006 Dan Walsh <dwalsh@redhat.com> 1.12.3-1
+- Upgrade to latest from NSA
+	* Fixed attr_convert_callback and expand_convert_type_set
+	  typemap bug.
+
 * Fri Mar 24 2006 Dan Walsh <dwalsh@redhat.com> 1.12.2-1
 - Upgrade to latest from NSA
 	* Fixed avrule_block_write num_decls endian bug.
diff --git a/sources b/sources
index 67a4667..f0ade83 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-6b1c03c91b3428645ab52b8865b644cc  libsepol-1.12.2.tgz
+515f91c72954fd5addb05769030f3373  libsepol-1.12.3.tgz