linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] selinux: fix undefined return of cond_evaluate_expr
@ 2020-06-17 12:40 trix
  2020-06-17 13:58 ` Stephen Smalley
  0 siblings, 1 reply; 4+ messages in thread
From: trix @ 2020-06-17 12:40 UTC (permalink / raw)
  To: paul, stephen.smalley.work, eparis, omosnace, weiyongjun1
  Cc: selinux, linux-kernel, Tom Rix

From: Tom Rix <trix@redhat.com>

clang static analysis reports an undefined return

security/selinux/ss/conditional.c:79:2: warning: Undefined or garbage value returned to caller [core.uninitialized.UndefReturn]
        return s[0];
        ^~~~~~~~~~~

static int cond_evaluate_expr( ...
{
	u32 i;
	int s[COND_EXPR_MAXDEPTH];

	for (i = 0; i < expr->len; i++)
	  ...

	return s[0];

When expr->len is 0, the loop which sets s[0] never runs.

So return -1 if the loop never runs.

Signed-off-by: Tom Rix <trix@redhat.com>
---
 security/selinux/ss/conditional.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 450bc02f4cd2..0cc7cdd58465 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -27,6 +27,9 @@ static int cond_evaluate_expr(struct policydb *p, struct cond_expr *expr)
 	int s[COND_EXPR_MAXDEPTH];
 	int sp = -1;
 
+	if (expr->len == 0)
+		return -1;
+
 	for (i = 0; i < expr->len; i++) {
 		struct cond_expr_node *node = &expr->nodes[i];
 
-- 
2.18.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] selinux: fix undefined return of cond_evaluate_expr
  2020-06-17 12:40 [PATCH] selinux: fix undefined return of cond_evaluate_expr trix
@ 2020-06-17 13:58 ` Stephen Smalley
  2020-06-17 20:51   ` Paul Moore
  0 siblings, 1 reply; 4+ messages in thread
From: Stephen Smalley @ 2020-06-17 13:58 UTC (permalink / raw)
  To: trix
  Cc: Paul Moore, Eric Paris, Ondrej Mosnacek, weiyongjun1,
	SElinux list, linux-kernel

On Wed, Jun 17, 2020 at 8:40 AM <trix@redhat.com> wrote:
>
> From: Tom Rix <trix@redhat.com>
>
> clang static analysis reports an undefined return
>
> security/selinux/ss/conditional.c:79:2: warning: Undefined or garbage value returned to caller [core.uninitialized.UndefReturn]
>         return s[0];
>         ^~~~~~~~~~~
>
> static int cond_evaluate_expr( ...
> {
>         u32 i;
>         int s[COND_EXPR_MAXDEPTH];
>
>         for (i = 0; i < expr->len; i++)
>           ...
>
>         return s[0];
>
> When expr->len is 0, the loop which sets s[0] never runs.
>
> So return -1 if the loop never runs.
>
> Signed-off-by: Tom Rix <trix@redhat.com>

Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>

clang didn't complain about the similar pattern in
security/selinux/ss/services.c:constraint_expr_eval()?

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] selinux: fix undefined return of cond_evaluate_expr
  2020-06-17 13:58 ` Stephen Smalley
@ 2020-06-17 20:51   ` Paul Moore
  2020-06-17 21:39     ` Paul Moore
  0 siblings, 1 reply; 4+ messages in thread
From: Paul Moore @ 2020-06-17 20:51 UTC (permalink / raw)
  To: trix
  Cc: Stephen Smalley, Eric Paris, Ondrej Mosnacek, weiyongjun1,
	SElinux list, linux-kernel

On Wed, Jun 17, 2020 at 9:58 AM Stephen Smalley
<stephen.smalley.work@gmail.com> wrote:
> On Wed, Jun 17, 2020 at 8:40 AM <trix@redhat.com> wrote:
> >
> > From: Tom Rix <trix@redhat.com>
> >
> > clang static analysis reports an undefined return
> >
> > security/selinux/ss/conditional.c:79:2: warning: Undefined or garbage value returned to caller [core.uninitialized.UndefReturn]
> >         return s[0];
> >         ^~~~~~~~~~~
> >
> > static int cond_evaluate_expr( ...
> > {
> >         u32 i;
> >         int s[COND_EXPR_MAXDEPTH];
> >
> >         for (i = 0; i < expr->len; i++)
> >           ...
> >
> >         return s[0];
> >
> > When expr->len is 0, the loop which sets s[0] never runs.
> >
> > So return -1 if the loop never runs.
> >
> > Signed-off-by: Tom Rix <trix@redhat.com>
>
> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
>
> clang didn't complain about the similar pattern in
> security/selinux/ss/services.c:constraint_expr_eval()?

Related question: I appreciate the work you are doing Tom, can you
share how far along you are testing the SELinux code with clang?  I
ask because it would be nice to roll all of these patches up into one
PR for Linus instead of sending multiple updates.

-- 
paul moore
www.paul-moore.com

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] selinux: fix undefined return of cond_evaluate_expr
  2020-06-17 20:51   ` Paul Moore
@ 2020-06-17 21:39     ` Paul Moore
  0 siblings, 0 replies; 4+ messages in thread
From: Paul Moore @ 2020-06-17 21:39 UTC (permalink / raw)
  To: trix
  Cc: Stephen Smalley, Eric Paris, Ondrej Mosnacek, weiyongjun1,
	SElinux list, linux-kernel

On Wed, Jun 17, 2020 at 4:51 PM Paul Moore <paul@paul-moore.com> wrote:
> On Wed, Jun 17, 2020 at 9:58 AM Stephen Smalley
> <stephen.smalley.work@gmail.com> wrote:
> > On Wed, Jun 17, 2020 at 8:40 AM <trix@redhat.com> wrote:
> > >
> > > From: Tom Rix <trix@redhat.com>
> > >
> > > clang static analysis reports an undefined return
> > >
> > > security/selinux/ss/conditional.c:79:2: warning: Undefined or garbage value returned to caller [core.uninitialized.UndefReturn]
> > >         return s[0];
> > >         ^~~~~~~~~~~
> > >
> > > static int cond_evaluate_expr( ...
> > > {
> > >         u32 i;
> > >         int s[COND_EXPR_MAXDEPTH];
> > >
> > >         for (i = 0; i < expr->len; i++)
> > >           ...
> > >
> > >         return s[0];
> > >
> > > When expr->len is 0, the loop which sets s[0] never runs.
> > >
> > > So return -1 if the loop never runs.
> > >
> > > Signed-off-by: Tom Rix <trix@redhat.com>
> >
> > Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
> >
> > clang didn't complain about the similar pattern in
> > security/selinux/ss/services.c:constraint_expr_eval()?
>
> Related question: I appreciate the work you are doing Tom, can you
> share how far along you are testing the SELinux code with clang?  I
> ask because it would be nice to roll all of these patches up into one
> PR for Linus instead of sending multiple updates.

Regardless, this patch looks good to me too so I've merged it into the
selinux/stable-5.8 branch with the others.  Thank you.

It would still be nice to know if there are other clang failures you
are working on fixing or if this is it for awhile.

-- 
paul moore
www.paul-moore.com

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-06-17 21:39 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-17 12:40 [PATCH] selinux: fix undefined return of cond_evaluate_expr trix
2020-06-17 13:58 ` Stephen Smalley
2020-06-17 20:51   ` Paul Moore
2020-06-17 21:39     ` Paul Moore

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).