The verify_header() function has code that ensures all headers in a single data chunk passed to aa_unpack() have the same namespace. The value pointed by the ns argument is however unconditionally set to NULL on each invocation to verify_header(). This effectively makes the code that checks for namespace changes from one profile to another, dead code.
Since the only caller, aa_unpack(), already initializes *ns = NULL the redundant initialization in verify_header() can be safely dropped. Signed-off-by: Zygmunt Krynicki <[email protected]> --- security/apparmor/policy_unpack.c | 1 - 1 file changed, 1 deletion(-) diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index 981d570eebba..ea7f2ad33b8b 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c @@ -749,7 +749,6 @@ static int verify_header(struct aa_ext *e, int required, const char **ns) { int error = -EPROTONOSUPPORT; const char *name = NULL; - *ns = NULL; /* get the interface version */ if (!unpack_u32(e, &e->version, "version")) { -- 2.11.0 -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
