selinux: fix undefined return of cond_evaluate_expr (8231b0b9) · Commits · Mirrors / github.com / raspberrypi_linux

Commit 8231b0b9 authored Jun 17, 2020 by

Tom Rix Committed by Paul Moore Jun 17, 2020

selinux: fix undefined return of cond_evaluate_expr



clang static analysis reports an undefined return

security/selinux/ss/conditional.c:79:2: warning: Undefined or garbage value returned to caller [core.uninitialized.UndefReturn]
        return s[0];
        ^~~~~~~~~~~

static int cond_evaluate_expr( ...
{
	u32 i;
	int s[COND_EXPR_MAXDEPTH];

	for (i = 0; i < expr->len; i++)
	  ...

	return s[0];

When expr->len is 0, the loop which sets s[0] never runs.

So return -1 if the loop never runs.

Cc: stable@vger.kernel.org
Signed-off-by: Tom Rix <trix@redhat.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

parent aa449a79

Hide whitespace changes

Inline Side-by-side

Please register or to comment