Commit 8231b0b9 authored by Tom Rix's avatar Tom Rix Committed by Paul Moore

selinux: fix undefined return of cond_evaluate_expr

clang static analysis reports an undefined return

security/selinux/ss/conditional.c:79:2: warning: Undefined or garbage value returned to caller [core.uninitialized.UndefReturn]
        return s[0];
        ^~~~~~~~~~~

static int cond_evaluate_expr( ...
{
	u32 i;
	int s[COND_EXPR_MAXDEPTH];

	for (i = 0; i < expr->len; i++)
	  ...

	return s[0];

When expr->len is 0, the loop which sets s[0] never runs.

So return -1 if the loop never runs.

Cc: stable@vger.kernel.org
Signed-off-by: default avatarTom Rix <trix@redhat.com>
Acked-by: default avatarStephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent aa449a79
...@@ -27,6 +27,9 @@ static int cond_evaluate_expr(struct policydb *p, struct cond_expr *expr) ...@@ -27,6 +27,9 @@ static int cond_evaluate_expr(struct policydb *p, struct cond_expr *expr)
int s[COND_EXPR_MAXDEPTH]; int s[COND_EXPR_MAXDEPTH];
int sp = -1; int sp = -1;
if (expr->len == 0)
return -1;
for (i = 0; i < expr->len; i++) { for (i = 0; i < expr->len; i++) {
struct cond_expr_node *node = &expr->nodes[i]; struct cond_expr_node *node = &expr->nodes[i];
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment