From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S964823AbdCWWNP (ORCPT ); Thu, 23 Mar 2017 18:13:15 -0400 Received: from mail-vk0-f67.google.com ([209.85.213.67]:33098 "EHLO mail-vk0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934371AbdCWWNH (ORCPT ); Thu, 23 Mar 2017 18:13:07 -0400 MIME-Version: 1.0 X-Originating-IP: [108.49.102.27] In-Reply-To: <196aacb8-6aab-841b-3301-71da75628954@users.sourceforge.net> References: <196aacb8-6aab-841b-3301-71da75628954@users.sourceforge.net> From: Paul Moore Date: Thu, 23 Mar 2017 18:13:05 -0400 Message-ID: Subject: Re: [PATCH 20/46] selinux: Move four assignments for the variable "rc" in range_read() To: SF Markus Elfring Cc: linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov, Eric Paris , James Morris , "Serge E. Hallyn" , Stephen Smalley , William Roberts , LKML , kernel-janitors@vger.kernel.org Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Jan 15, 2017 at 10:20 AM, SF Markus Elfring wrote: > From: Markus Elfring > Date: Sat, 14 Jan 2017 19:55:00 +0100 > > One local variable was set to an error code in four cases before > a concrete error situation was detected. Thus move the corresponding > assignments into if branches to indicate a software failure there. > > Signed-off-by: Markus Elfring > --- > security/selinux/ss/policydb.c | 17 ++++++++++------- > 1 file changed, 10 insertions(+), 7 deletions(-) See previous comments. > diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c > index a696876fc327..4cd96ce51322 100644 > --- a/security/selinux/ss/policydb.c > +++ b/security/selinux/ss/policydb.c > @@ -1854,10 +1854,11 @@ static int range_read(struct policydb *p, void *fp) > > nel = le32_to_cpu(buf[0]); > for (i = 0; i < nel; i++) { > - rc = -ENOMEM; > rt = kzalloc(sizeof(*rt), GFP_KERNEL); > - if (!rt) > + if (!rt) { > + rc = -ENOMEM; > goto out; > + } > > rc = next_entry(buf, fp, (sizeof(u32) * 2)); > if (rc) > @@ -1873,24 +1874,26 @@ static int range_read(struct policydb *p, void *fp) > } else > rt->target_class = p->process_class; > > - rc = -EINVAL; > if (!policydb_type_isvalid(p, rt->source_type) || > !policydb_type_isvalid(p, rt->target_type) || > - !policydb_class_isvalid(p, rt->target_class)) > + !policydb_class_isvalid(p, rt->target_class)) { > + rc = -EINVAL; > goto out; > + } > > - rc = -ENOMEM; > r = kzalloc(sizeof(*r), GFP_KERNEL); > - if (!r) > + if (!r) { > + rc = -ENOMEM; > goto out; > + } > > rc = mls_read_range_helper(r, fp); > if (rc) > goto out; > > - rc = -EINVAL; > if (!mls_range_isvalid(p, r)) { > printk(KERN_WARNING "SELinux: rangetrans: invalid range\n"); > + rc = -EINVAL; > goto out; > } > > -- > 2.11.0 > -- paul moore www.paul-moore.com