Commit cae303df authored Mar 31, 2017 by Dan Carpenter Committed by Paul Moore Mar 31, 2017

selinux: Fix an uninitialized variable bug

We removed this initialization as a cleanup but it is probably required.

The concern is that "nel" can be zero. I'm not an expert on SELinux
code but I think it looks possible to write an SELinux policy which
triggers this bug. GCC doesn't catch this, but my static checker does.

Fixes: 9c312e79 ("selinux: Delete an unnecessary variable initialisation in range_read()")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>

parent 342e9157

security/selinux/ss/policydb.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -1832,7 +1832,7 @@ u32 string_to_av_perm(struct policydb p, u16 tclass, const char name)

	static int range_read(struct policydb p, void fp)		static int range_read(struct policydb p, void fp)
	{		{
	struct range_trans *rt;		struct range_trans *rt = NULL;
	struct mls_range *r = NULL;		struct mls_range *r = NULL;
	int i, rc;		int i, rc;
	__le32 buf[2];		__le32 buf[2];

Admin message