Re: [PATCH 1/1] libsemanage: always check append_arg return value

Mon, 23 Apr 2018 09:51:12 -0700 

On Sun, Apr 22, 2018 at 12:30 PM, Nicolas Iooss <[email protected]> wrote:
> When split_args() calls append_arg(), the returned value needs to be
> checked in order to detect memory allocation failure. Checks were
> missing in two places, which are spotted by clang's static analyzer:
>
>     semanage_store.c:1352:7: warning: Value stored to 'rc' is never
>     read
>             rc = append_arg(&argv, &num_args, arg);
>             ^    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>     semanage_store.c:1368:3: warning: Value stored to 'rc' is never read
>             rc = append_arg(&argv, &num_args, arg);
>             ^    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Signed-off-by: Nicolas Iooss <[email protected]>
> ---
>  libsemanage/src/semanage_store.c | 4 ++++
>  1 file changed, 4 insertions(+)
>
> diff --git a/libsemanage/src/semanage_store.c 
> b/libsemanage/src/semanage_store.c
> index 14ad99c152ad..bce648c46464 100644
> --- a/libsemanage/src/semanage_store.c
> +++ b/libsemanage/src/semanage_store.c
> @@ -1350,6 +1350,8 @@ static char **split_args(const char *arg0, char 
> *arg_string,
>                                 if (isspace(*s) && !in_quote && !in_dquote) {
>                                         if (arg != NULL) {
>                                                 rc = append_arg(&argv, 
> &num_args, arg);
> +                                               if (rc)
> +                                                       goto cleanup;
>                                                 free(arg);
>                                                 arg = NULL;
>                                         }
> @@ -1366,6 +1368,8 @@ static char **split_args(const char *arg0, char 
> *arg_string,
>         }
>         if (arg != NULL) {
>                 rc = append_arg(&argv, &num_args, arg);
> +               if (rc)
> +                       goto cleanup;
>                 free(arg);
>                 arg = NULL;
>         }
> --
> 2.17.0
>
>

ack

Reply via email to