When pipe() fails in semanage_pipe_data(), this function closes all file
descriptors in variables output_fd, err_fd and input_fd even when they
have not been initialized. Fix this by initializing the file descriptors
to -1.
This issue has been found using clang's static analyzer.
Signed-off-by: Nicolas Iooss <nicolas.io...@m4x.org>
---
libsemanage/src/direct_api.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
index c23494bb4270..568732355f54 100644
--- a/libsemanage/src/direct_api.c
+++ b/libsemanage/src/direct_api.c
@@ -705,9 +705,9 @@ static int read_from_pipe_to_data(semanage_handle_t *sh,
size_t initial_len, int
static int semanage_pipe_data(semanage_handle_t *sh, char *path, char
*in_data, size_t in_data_len, char **out_data, size_t *out_data_len, char
**err_data, size_t *err_data_len)
{
- int input_fd[2];
- int output_fd[2];
- int err_fd[2];
+ int input_fd[2] = {-1, -1};
+ int output_fd[2] = {-1, -1};
+ int err_fd[2] = {-1, -1};
pid_t pid;
char *data_read = NULL;
char *err_data_read = NULL;
--
2.12.0
_______________________________________________
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
