On Fri, 31 Mar 2017, Paul Moore wrote: > On Fri, Mar 31, 2017 at 11:52 AM, Stephen Smalley <[email protected]> wrote: > > On Fri, 2017-03-31 at 18:21 +0300, Dan Carpenter wrote: > >> We removed this initialization as a cleanup but it is probably > >> required. > >> > >> The concern is that "nel" can be zero. I'm not an expert on SELinux > >> code but I think it looks possible to write an SELinux policy which > >> triggers this bug. GCC doesn't catch this, but my static checker > >> does. > >> > >> Fixes: 9c312e79d6af ("selinux: Delete an unnecessary variable > >> initialisation in range_read()") > >> Signed-off-by: Dan Carpenter <[email protected]> > > > > Nice catch, thanks! > > > > Acked-by: Stephen Smalley <[email protected]> > > Yes, indeed. Thanks Dan, I should have caught this when merging Markus' > patch. >
I'd like to reiterate that I generally don't want to accept cleanup patches into the security tree from Markus (or indeed from others who only do cleanup/whitespace work). See https://lkml.org/lkml/2017/1/29/172, and please click through and read Dan's comments. All patches carry risks of introducing new bugs, and kernel "cleanup: patches generally offer a pretty high cost/benefit ratio. If such patches come from core developers of that code, or from kernel developers with experience in *analyzing and fixing* bugs, that's very different. Paul, please review all of these patches very carefully before sending your pull request. -- James Morris <[email protected]> _______________________________________________ Selinux mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
