On Feb 27, 2017 2:16 PM, "William Roberts" <bill.c.robe...@gmail.com> wrote:
On Feb 27, 2017 12:42, "Nicolas Iooss" <nicolas.io...@m4x.org> wrote: clang's static analyzer reports "Argument with 'nonnull' attribute passed null" in append_str(), because argument t may be NULL but is used in a call to memcpy(). Make append_str() do nothing when called with t=NULL. Signed-off-by: Nicolas Iooss <nicolas.io...@m4x.org> --- libsemanage/src/semanage_store.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_sto re.c index f468faba4b64..47ec93185e06 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -1194,8 +1194,14 @@ static char *append(char *s, char c) static char *append_str(char *s, const char *t) { size_t s_len = (s == NULL ? 0 : strlen(s)); - size_t t_len = (t == NULL ? 0 : strlen(t)); - char *new_s = realloc(s, s_len + t_len + 1); + size_t t_len; + char *new_s; + + if (t == NULL) { + return s; + } + t_len = strlen(t); + new_s = realloc(s, s_len + t_len + 1); Overflow possibility here? I guess since s and t lengths come from strlen() and the architectures we worry about running code on, overflowing would be pretty impossible here. if (new_s == NULL) { return NULL; } -- 2.11.1 _______________________________________________ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
_______________________________________________ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.