@@ -405,10 +405,12 @@ int cil_verify_decl_does_not_shadow_macro_parameter(struct cil_macro *macro, str
if (param_list != NULL) {
cil_list_for_each(item, param_list) {
struct cil_param *param = item->data;
- if (param->flavor == node->flavor) {
- if (param->str == name) {
- cil_log(CIL_ERR, "%s %s shadows a macro parameter in macro declaration\n", cil_node_to_string(node), name);
+ if (param->str == name) {
+ if (param->flavor == node->flavor) {
+ cil_log(CIL_ERR, "Declaration of %s %s shadows a macro parameter with the same flavor\n", cil_node_to_string(node), name);
return SEPOL_ERR;
+ } else {
+ cil_log(CIL_WARN, "Declaration of %s %s has same name as a macro parameter with a different flavor\n", cil_node_to_string(node), name);
}
}
}
While still giving an error if there is a declaration with the same flavor and name as a macro parameter, now give a warning in the case where there is a declaration with the same name as a macro parameter, but with a different flavor. Example/ (macro m1 ((string ARG1)) (type ARG1) (allow ARG1 ARG1 (CLASS (PERM))) (typetransition t1a t1b CLASS ARG1 t1c) ) (call m1 (foo)) This will result in the following equivalent code: (type ARG1) (allow ARG1 ARG1 (CLASS (PERM))) (typetransition t1a t1b CLASS "foo" t1c) With the warning (if using "-v"), "Declaration of type ARG1 has same name as a macro parameter with a different flavor" Signed-off-by: James Carter <jwcart2@gmail.com> --- libsepol/cil/src/cil_verify.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)