| Message ID | 20231109135315.44095-2-cgzones@googlemail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 27fe2b29c930 |
| Delegated to: | Petr Lautrbach |
| Headers | show |
| Series | [1/5] semodule_link: avoid NULL dereference on OOM | expand |
diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c index d2868019..2d77e22a 100644 --- a/libsepol/src/module_to_cil.c +++ b/libsepol/src/module_to_cil.c @@ -1199,6 +1199,8 @@ static int avrule_list_to_cil(int indent, struct policydb *pdb, struct avrule *a rc = -1; goto exit; } + + num_tnames = 0; } else { ts = &avrule->ttypes; rc = process_typeset(pdb, ts, attr_list, &tnames, &num_tnames);
Set the number of target names to 0 instead of leaving it uninitialized. The number is always 0 since CIL does not support non-trivial not-self neverallow rules yet. Reported by Clang Analyzer: module_to_cil.c:1211:18: warning: The right operand of '<' is a garbage value [core.UndefinedBinaryOperatorResult] 1211 | for (t = 0; t < num_tnames; t++) { | ^ ~~~~~~~~~~ Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- libsepol/src/module_to_cil.c | 2 ++ 1 file changed, 2 insertions(+)