From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933497AbdCWVuN (ORCPT ); Thu, 23 Mar 2017 17:50:13 -0400 Received: from mail-vk0-f65.google.com ([209.85.213.65]:33656 "EHLO mail-vk0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751083AbdCWVuK (ORCPT ); Thu, 23 Mar 2017 17:50:10 -0400 MIME-Version: 1.0 X-Originating-IP: [108.49.102.27] In-Reply-To: <99ebe15e-c30f-d129-82a0-a809769aa5dc@users.sourceforge.net> References: <99ebe15e-c30f-d129-82a0-a809769aa5dc@users.sourceforge.net> From: Paul Moore Date: Thu, 23 Mar 2017 17:50:07 -0400 Message-ID: Subject: Re: [PATCH 13/46] selinux: Move four assignments for the variable "rc" in genfs_read() To: SF Markus Elfring Cc: linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov, Eric Paris , James Morris , "Serge E. Hallyn" , Stephen Smalley , William Roberts , LKML , kernel-janitors@vger.kernel.org Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Jan 15, 2017 at 10:13 AM, SF Markus Elfring wrote: > From: Markus Elfring > Date: Sat, 14 Jan 2017 17:21:59 +0100 > > One local variable was set to an error code in four cases before > a concrete error situation was detected. Thus move the corresponding > assignments into if branches to indicate a software failure there. > > Signed-off-by: Markus Elfring > --- > security/selinux/ss/policydb.c | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) See my previous comments. > diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c > index 7544e374dec9..a12d9166f0e4 100644 > --- a/security/selinux/ss/policydb.c > +++ b/security/selinux/ss/policydb.c > @@ -2012,11 +2012,11 @@ static int genfs_read(struct policydb *p, void *fp) > if (rc) > goto out; > len = le32_to_cpu(buf[0]); > - > - rc = -ENOMEM; > newgenfs = kzalloc(sizeof(*newgenfs), GFP_KERNEL); > - if (!newgenfs) > + if (!newgenfs) { > + rc = -ENOMEM; > goto out; > + } > > rc = str_read(&newgenfs->fstype, GFP_KERNEL, fp, len); > if (rc) > @@ -2024,10 +2024,10 @@ static int genfs_read(struct policydb *p, void *fp) > > for (genfs_p = NULL, genfs = p->genfs; genfs; > genfs_p = genfs, genfs = genfs->next) { > - rc = -EINVAL; > if (strcmp(newgenfs->fstype, genfs->fstype) == 0) { > printk(KERN_ERR "SELinux: dup genfs fstype %s\n", > newgenfs->fstype); > + rc = -EINVAL; > goto out; > } > if (strcmp(newgenfs->fstype, genfs->fstype) < 0) > @@ -2051,11 +2051,11 @@ static int genfs_read(struct policydb *p, void *fp) > if (rc) > goto out; > len = le32_to_cpu(buf[0]); > - > - rc = -ENOMEM; > newc = kzalloc(sizeof(*newc), GFP_KERNEL); > - if (!newc) > + if (!newc) { > + rc = -ENOMEM; > goto out; > + } > > rc = str_read(&newc->u.name, GFP_KERNEL, fp, len); > if (rc) > @@ -2072,12 +2072,12 @@ static int genfs_read(struct policydb *p, void *fp) > > for (l = NULL, c = genfs->head; c; > l = c, c = c->next) { > - rc = -EINVAL; > if (!strcmp(newc->u.name, c->u.name) && > (!c->v.sclass || !newc->v.sclass || > newc->v.sclass == c->v.sclass)) { > printk(KERN_ERR "SELinux: dup genfs entry (%s,%s)\n", > genfs->fstype, c->u.name); > + rc = -EINVAL; > goto out; > } > len = strlen(newc->u.name); > -- > 2.11.0 > -- paul moore www.paul-moore.com From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paul Moore Date: Thu, 23 Mar 2017 21:50:07 +0000 Subject: Re: [PATCH 13/46] selinux: Move four assignments for the variable "rc" in genfs_read() Message-Id: List-Id: References: <99ebe15e-c30f-d129-82a0-a809769aa5dc@users.sourceforge.net> In-Reply-To: <99ebe15e-c30f-d129-82a0-a809769aa5dc@users.sourceforge.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: linux-security-module@vger.kernel.org On Sun, Jan 15, 2017 at 10:13 AM, SF Markus Elfring wrote: > From: Markus Elfring > Date: Sat, 14 Jan 2017 17:21:59 +0100 > > One local variable was set to an error code in four cases before > a concrete error situation was detected. Thus move the corresponding > assignments into if branches to indicate a software failure there. > > Signed-off-by: Markus Elfring > --- > security/selinux/ss/policydb.c | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) See my previous comments. > diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c > index 7544e374dec9..a12d9166f0e4 100644 > --- a/security/selinux/ss/policydb.c > +++ b/security/selinux/ss/policydb.c > @@ -2012,11 +2012,11 @@ static int genfs_read(struct policydb *p, void *fp) > if (rc) > goto out; > len = le32_to_cpu(buf[0]); > - > - rc = -ENOMEM; > newgenfs = kzalloc(sizeof(*newgenfs), GFP_KERNEL); > - if (!newgenfs) > + if (!newgenfs) { > + rc = -ENOMEM; > goto out; > + } > > rc = str_read(&newgenfs->fstype, GFP_KERNEL, fp, len); > if (rc) > @@ -2024,10 +2024,10 @@ static int genfs_read(struct policydb *p, void *fp) > > for (genfs_p = NULL, genfs = p->genfs; genfs; > genfs_p = genfs, genfs = genfs->next) { > - rc = -EINVAL; > if (strcmp(newgenfs->fstype, genfs->fstype) = 0) { > printk(KERN_ERR "SELinux: dup genfs fstype %s\n", > newgenfs->fstype); > + rc = -EINVAL; > goto out; > } > if (strcmp(newgenfs->fstype, genfs->fstype) < 0) > @@ -2051,11 +2051,11 @@ static int genfs_read(struct policydb *p, void *fp) > if (rc) > goto out; > len = le32_to_cpu(buf[0]); > - > - rc = -ENOMEM; > newc = kzalloc(sizeof(*newc), GFP_KERNEL); > - if (!newc) > + if (!newc) { > + rc = -ENOMEM; > goto out; > + } > > rc = str_read(&newc->u.name, GFP_KERNEL, fp, len); > if (rc) > @@ -2072,12 +2072,12 @@ static int genfs_read(struct policydb *p, void *fp) > > for (l = NULL, c = genfs->head; c; > l = c, c = c->next) { > - rc = -EINVAL; > if (!strcmp(newc->u.name, c->u.name) && > (!c->v.sclass || !newc->v.sclass || > newc->v.sclass = c->v.sclass)) { > printk(KERN_ERR "SELinux: dup genfs entry (%s,%s)\n", > genfs->fstype, c->u.name); > + rc = -EINVAL; > goto out; > } > len = strlen(newc->u.name); > -- > 2.11.0 > -- paul moore www.paul-moore.com From mboxrd@z Thu Jan 1 00:00:00 1970 From: paul@paul-moore.com (Paul Moore) Date: Thu, 23 Mar 2017 17:50:07 -0400 Subject: [PATCH 13/46] selinux: Move four assignments for the variable "rc" in genfs_read() In-Reply-To: <99ebe15e-c30f-d129-82a0-a809769aa5dc@users.sourceforge.net> References: <99ebe15e-c30f-d129-82a0-a809769aa5dc@users.sourceforge.net> Message-ID: To: linux-security-module@vger.kernel.org List-Id: linux-security-module.vger.kernel.org On Sun, Jan 15, 2017 at 10:13 AM, SF Markus Elfring wrote: > From: Markus Elfring > Date: Sat, 14 Jan 2017 17:21:59 +0100 > > One local variable was set to an error code in four cases before > a concrete error situation was detected. Thus move the corresponding > assignments into if branches to indicate a software failure there. > > Signed-off-by: Markus Elfring > --- > security/selinux/ss/policydb.c | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) See my previous comments. > diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c > index 7544e374dec9..a12d9166f0e4 100644 > --- a/security/selinux/ss/policydb.c > +++ b/security/selinux/ss/policydb.c > @@ -2012,11 +2012,11 @@ static int genfs_read(struct policydb *p, void *fp) > if (rc) > goto out; > len = le32_to_cpu(buf[0]); > - > - rc = -ENOMEM; > newgenfs = kzalloc(sizeof(*newgenfs), GFP_KERNEL); > - if (!newgenfs) > + if (!newgenfs) { > + rc = -ENOMEM; > goto out; > + } > > rc = str_read(&newgenfs->fstype, GFP_KERNEL, fp, len); > if (rc) > @@ -2024,10 +2024,10 @@ static int genfs_read(struct policydb *p, void *fp) > > for (genfs_p = NULL, genfs = p->genfs; genfs; > genfs_p = genfs, genfs = genfs->next) { > - rc = -EINVAL; > if (strcmp(newgenfs->fstype, genfs->fstype) == 0) { > printk(KERN_ERR "SELinux: dup genfs fstype %s\n", > newgenfs->fstype); > + rc = -EINVAL; > goto out; > } > if (strcmp(newgenfs->fstype, genfs->fstype) < 0) > @@ -2051,11 +2051,11 @@ static int genfs_read(struct policydb *p, void *fp) > if (rc) > goto out; > len = le32_to_cpu(buf[0]); > - > - rc = -ENOMEM; > newc = kzalloc(sizeof(*newc), GFP_KERNEL); > - if (!newc) > + if (!newc) { > + rc = -ENOMEM; > goto out; > + } > > rc = str_read(&newc->u.name, GFP_KERNEL, fp, len); > if (rc) > @@ -2072,12 +2072,12 @@ static int genfs_read(struct policydb *p, void *fp) > > for (l = NULL, c = genfs->head; c; > l = c, c = c->next) { > - rc = -EINVAL; > if (!strcmp(newc->u.name, c->u.name) && > (!c->v.sclass || !newc->v.sclass || > newc->v.sclass == c->v.sclass)) { > printk(KERN_ERR "SELinux: dup genfs entry (%s,%s)\n", > genfs->fstype, c->u.name); > + rc = -EINVAL; > goto out; > } > len = strlen(newc->u.name); > -- > 2.11.0 > -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html