On 3/25/2019 1:11 AM, Ondrej Mosnacek wrote:
The code incorrectly assigned directly to the variables instead of the
values they point to. Since the values are already set to NULL/0 at the
beginning of the function, we can simply remove these useless
assignments.
Reported-by: Hariprasad Kelam <hariprasad.kelam@xxxxxxxxx>
Fixes: fede148324c3 ("selinux: log invalid contexts in AVCs")
Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
---
security/selinux/ss/services.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index ec62918521b1..b18a8d7c1b5e 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1318,14 +1318,11 @@ static int security_sid_to_context_core(struct selinux_state *state,
rc = -EINVAL;
goto out_unlock;
}
- if (only_invalid && !context->len) {
- scontext = NULL;
- scontext_len = 0;
- rc = 0;
- } else {
+ if (only_invalid && !context->len)
+ rc = 0; /* *scontext/*scontext_len are already set to NULL/0 */
I know that modern compilers won't be fooled, but please don't nest comments.
+ else
rc = context_struct_to_string(policydb, context, scontext,
scontext_len);
- }
out_unlock:
read_unlock(&state->ss->policy_rwlock);
out:
