cil_gen_default() and cil_gen_defaultrange() call cil_fill_list() without checking its return value. If it failed, propagate the return value to the caller.
This issue has been found using clang's static analyzer. It reported "warning: Value stored to 'rc' is never read" four times.
Signed-off-by: Nicolas Iooss <[email protected]>
---
 libsepol/cil/src/cil_build_ast.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c
index 8a19df480989..4b03dc35d408 100644
--- a/libsepol/cil/src/cil_build_ast.c
+++ b/libsepol/cil/src/cil_build_ast.c
@@ -5592,9 +5592,11 @@ int cil_gen_default(struct cil_tree_node *parse_current, struct cil_tree_node *a
 if (parse_current->next->cl_head == NULL) {
 cil_list_init(&def->class_strs, CIL_CLASS);
 cil_list_append(def->class_strs, CIL_STRING, parse_current->next->data);
- rc = SEPOL_OK;
 } else {
 rc = cil_fill_list(parse_current->next->cl_head, CIL_CLASS, &def->class_strs);
+ if (rc != SEPOL_OK) {
+ goto exit;
+ }
 }
 object = parse_current->next->next->data;
@@ -5657,9 +5659,11 @@ int cil_gen_defaultrange(struct cil_tree_node *parse_current, struct cil_tree_no
 if (parse_current->next->cl_head == NULL) {
 cil_list_init(&def->class_strs, CIL_CLASS);
 cil_list_append(def->class_strs, CIL_STRING, parse_current->next->data);
- rc = SEPOL_OK;
 } else {
 rc = cil_fill_list(parse_current->next->cl_head, CIL_CLASS, &def->class_strs);
+ if (rc != SEPOL_OK) {
+ goto exit;
+ }
 }
 object = parse_current->next->next->data;
-- 
2.12.0
_______________________________________________ Selinux mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
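Review bot: The class-list block, including the newly added `if (rc != SEPOL_OK)` / `goto exit;` check, is now repeated verbatim in cil_gen_default() (first hunk) and cil_gen_defaultrange() (second hunk), so the same unchecked cil_fill_list() result had to be fixed twice. Moving the block into one static helper would keep the check in a single place where a later copy cannot drop it; the helper name below is only a suggestion. Both functions begin and end outside the hunks, so it is not visible here whether the `exit` label releases `def` and a partially built `def->class_strs`, which is worth confirming now that this path is reachable.

```c
/* Build *class_strs from a single class name or from a parenthesised class list. */
static int cil_fill_default_classes(struct cil_tree_node *class_node, struct cil_list **class_strs)
{
	if (class_node->cl_head == NULL) {
		cil_list_init(class_strs, CIL_CLASS);
		cil_list_append(*class_strs, CIL_STRING, class_node->data);
		return SEPOL_OK;
	}

	return cil_fill_list(class_node->cl_head, CIL_CLASS, class_strs);
}

/* ... in cil_gen_default() and cil_gen_defaultrange(), replacing the if/else block ... */
	rc = cil_fill_default_classes(parse_current->next, &def->class_strs);
	if (rc != SEPOL_OK) {
		goto exit;
	}

	object = parse_current->next->next->data;
```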
