Re: [PATCH] selinux: Fix an uninitialized variable bug

On Fri, 31 Mar 2017, Paul Moore wrote:

> On Fri, Mar 31, 2017 at 11:52 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
> > On Fri, 2017-03-31 at 18:21 +0300, Dan Carpenter wrote:
> >> We removed this initialization as a cleanup but it is probably
> >> required.
> >>
> >> The concern is that "nel" can be zero.  I'm not an expert on SELinux
> >> code but I think it looks possible to write an SELinux policy which
> >> triggers this bug.  GCC doesn't catch this, but my static checker
> >> does.
> >>
> >> Fixes: 9c312e79d6af ("selinux: Delete an unnecessary variable
> >> initialisation in range_read()")
> >> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> >
> > Nice catch, thanks!
> >
> > Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
> 
> Yes, indeed.  Thanks Dan, I should have caught this when merging Markus' patch.
> 

I'd like to reiterate that I generally don't want to accept cleanup 
patches into the security tree from Markus (or indeed from others who 
only do cleanup/whitespace work).

See https://lkml.org/lkml/2017/1/29/172, and please click through and read 
Dan's comments.

All patches carry risks of introducing new bugs, and kernel "cleanup" 
patches generally offer a pretty high cost/benefit ratio.  If such patches 
come from core developers of that code, or from kernel developers with 
experience in *analyzing and fixing* bugs, that's very different.

Paul, please review all of these patches very carefully before sending 
your pull request.


-- 
James Morris
<jmorris@xxxxxxxxx>
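
The failure mode raised in the quoted commit message (a count "nel" that can be zero, so a loop that would have assigned a variable never runs), as an added example that is not part of this thread or of the kernel source. `table_read`, `struct entry`, `entries_kept` and the buffer layout are hypothetical; the page does not show which variable the real patch re-initialises, so the pointer freed at `out:` is an assumption.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record; stands in for whatever the real loop allocates. */
struct entry { uint32_t a, b; };
static int entries_kept;       /* bookkeeping so callers can check the result */

/* Parse a constructed buffer: a u32 count "nel", then nel (a, b) pairs.
 * Returns 0 on success, -1 on truncated input or allocation failure. */
int table_read(const uint8_t *buf, size_t len)
{
    struct entry *e = NULL;    /* the initialisation a "cleanup" might delete */
    uint32_t nel, i;
    int rc = -1;

    entries_kept = 0;
    if (len < sizeof(nel))
        goto out;
    memcpy(&nel, buf, sizeof(nel));
    buf += sizeof(nel);
    len -= sizeof(nel);

    for (i = 0; i < nel; i++) {
        e = malloc(sizeof(*e));
        if (!e || len < sizeof(*e))
            goto out;          /* error path: "out" frees the current entry */
        memcpy(e, buf, sizeof(*e));
        buf += sizeof(*e);
        len -= sizeof(*e);
        entries_kept++;
        free(e);               /* a real table would take ownership here */
        e = NULL;
    }
    rc = 0;
out:
    /* With nel == 0 the loop body never runs. Without "= NULL" at the
     * declaration, this would free an indeterminate pointer. */
    free(e);
    return rc;
}

int main(void)
{
    uint32_t empty[1] = {0};   /* constructed input: nel == 0 */
    return table_read((const uint8_t *)empty, sizeof(empty));
}
```

The compiler has no obligation to warn here because every path through the loop body does assign `e`; only the zero-iteration path reaches `out:` without an assignment.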
