On Tue, Mar 3, 2020 at 8:12 PM Stephen Smalley
<stephen.smalley.work@xxxxxxxxx> wrote:
> On Tue, Mar 3, 2020 at 6:29 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote:
> >
> > Commit e0ac568de1fa ("selinux: reduce the use of hard-coded hash sizes")
> > moved symtab initialization out of policydb_init(), but left the cleanup
> > of symtabs from the error path. This patch fixes the oversight.
> >
> > Suggested-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
> > Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
> > ---
> > security/selinux/ss/policydb.c | 18 +++++-------------
> > 1 file changed, 5 insertions(+), 13 deletions(-)
> >
> > diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
> > index 7739369f5d9a..00edcd216aaa 100644
> > --- a/security/selinux/ss/policydb.c
> > +++ b/security/selinux/ss/policydb.c
> > @@ -463,36 +463,28 @@ static int rangetr_cmp(struct hashtab *h, const void *k1, const void *k2)
> > */
> > static int policydb_init(struct policydb *p)
> > {
> > - int i, rc;
> > + int rc;
> >
> > memset(p, 0, sizeof(*p));
> >
> > rc = avtab_init(&p->te_avtab);
> > if (rc)
> > - goto out;
> > + return rc;
> >
> > rc = cond_policydb_init(p);
> > if (rc)
> > - goto out;
> > + return rc;
>
> Looks like avtab_init() and cond_policydb_init() can no longer return
> errors, merely initialize fields to 0/NULL,
> which is already done via the memset above, and are not used anywhere
> else so those can go away entirely?
OK, but that can be done in a separate patch, right? Do you plan to
send it? Anyway, I'd prefer to keep the *_init() functions for the
sake of abstraction - I'd suggest just changing the return type to
void where possible.
--
Ondrej Mosnacek <omosnace at redhat dot com>
Software Engineer, Security Technologies
Red Hat, Inc.
