
[1/1] libsepol/cil: do not dereference a NULL pointer when calloc() fails

Message ID 20170325134842.1414-1-nicolas.iooss@m4x.org (mailing list archive)
State Not Applicable

Commit Message

Nicolas Iooss March 25, 2017, 1:48 p.m. UTC
When list_init() fails to allocate a list with calloc(), it calls
list_destroy(&l) with l = NULL. This function starts by dereferencing
its argument ("(*list)->head"), which does not work well when it is
NULL.

This bug can be fixed by returning directly in list_init() when calloc()
fails. Doing so allows making list_init() implementation shorter by
removing label "exit" and local variable "rc".

This issue has been found using clang's static analyzer.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 libsepol/src/module_to_cil.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

Comments

James Carter March 28, 2017, 7:55 p.m. UTC | #1
On 03/25/2017 09:48 AM, Nicolas Iooss wrote:
> When list_init() fails to allocate a list with calloc(), it calls
> list_destroy(&l) with l = NULL. This functions starts by dereferencing
> its argument ("(*list)->head"), which does not work well when it is
> NULL.
>
> This bug can be fixed by returning directly in list_init() when calloc()
> fails. Doing so allows making list_init() implementation shorter by
> removing label "exit" and local variable "rc".
>
> This issue has been found using clang's static analyzer.
>
> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>

Applied.

Thanks,
Jim

> ---
>  libsepol/src/module_to_cil.c | 8 +-------
>  1 file changed, 1 insertion(+), 7 deletions(-)
>
> diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c
> index 6c33b94da9d9..308ada4f1381 100644
> --- a/libsepol/src/module_to_cil.c
> +++ b/libsepol/src/module_to_cil.c
> @@ -250,19 +250,13 @@ static void attr_list_destroy(struct list **attr_list)
>
>  static int list_init(struct list **list)
>  {
> -	int rc = -1;
>  	struct list *l = calloc(1, sizeof(*l));
>  	if (l == NULL) {
> -		goto exit;
> +		return -1;
>  	}
>
>  	*list = l;
> -
>  	return 0;
> -
> -exit:
> -	list_destroy(&l);
> -	return rc;
>  }
>
>  static int list_prepend(struct list *list, void *data)
>

Patch

diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c
index 6c33b94da9d9..308ada4f1381 100644
--- a/libsepol/src/module_to_cil.c
+++ b/libsepol/src/module_to_cil.c
@@ -250,19 +250,13 @@  static void attr_list_destroy(struct list **attr_list)
 
 static int list_init(struct list **list)
 {
-	int rc = -1;
 	struct list *l = calloc(1, sizeof(*l));
 	if (l == NULL) {
-		goto exit;
+		return -1;
 	}
 
 	*list = l;
-
 	return 0;
-
-exit:
-	list_destroy(&l);
-	return rc;
 }
 
 static int list_prepend(struct list *list, void *data)
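Review bot: On the new failure path list_init() returns -1 without writing `*list`, so the caller's pointer keeps whatever value it had, and per the commit message list_destroy() still dereferences `(*list)->head` with no NULL check. Any caller whose cleanup path runs list_destroy() on a list that failed to initialise would presumably hit the same NULL (or uninitialised) dereference; those callers and list_destroy() itself are outside this hunk, so this needs checking against the full file. A guard at the top of list_destroy(), `if (list == NULL || *list == NULL) return;`, would close the whole class rather than this one call site. A short contract comment on list_init(), for example `/* Returns 0 on success; on allocation failure returns -1 and leaves *list untouched. */`, would also tell callers what state they are left with.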