From: Ondrej Mosnacek omosnace@redhat.com
mainline inclusion from mainline-v6.10-rc1 commit 4e551db0426472ca305a2f3284b25af763bfe57d category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/IB1MNX CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
For the "conflicting/duplicate rules" branch in filename_trans_read_helper_compat() the Smatch static checker reports:
security/selinux/ss/policydb.c:1953 filename_trans_read_helper_compat() warn: missing error code 'rc'
While the value of rc will already always be zero here, it is not obvious that it's the case and that it's the intended return value (Smatch expects rc to be assigned within 5 lines from the goto). Therefore, add an explicit assignment just before the goto to make the intent more clear and the code less error-prone.
Fixes: c3a276111ea2 ("selinux: optimize storage of filename transitions") Reported-by: Dan Carpenter dan.carpenter@linaro.org Link: https://lore.kernel.org/selinux/722b90c4-1f4b-42ff-a6c2-108ea262bd10@moroto.... Signed-off-by: Ondrej Mosnacek omosnace@redhat.com Signed-off-by: Paul Moore paul@paul-moore.com Signed-off-by: Yi Yang yiyang13@huawei.com --- security/selinux/ss/policydb.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 82cfeab16217..2f15ab8534b2 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -1923,6 +1923,7 @@ static int filename_trans_read_helper_compat(struct policydb *p, void *fp) if (unlikely(ebitmap_get_bit(&datum->stypes, stype - 1))) { /* conflicting/duplicate rules are ignored */ datum = NULL; + rc = 0; goto out; } if (likely(datum->otype == otype))