On Tue, Jun 8, 2021 at 12:02 PM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> In case cats_ebitmap_len() returns 0, do not allocate but quit.
>
> Found by clang-analyzer
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> libsepol/src/kernel_to_cil.c | 5 ++++-
> libsepol/src/kernel_to_conf.c | 5 ++++-
> 2 files changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
> index 989aacde..17b5ebf0 100644
> --- a/libsepol/src/kernel_to_cil.c
> +++ b/libsepol/src/kernel_to_cil.c
> @@ -1034,11 +1034,14 @@ static char *cats_ebitmap_to_str(struct ebitmap *cats, char **val_to_name)
> {
> struct ebitmap_node *node;
> uint32_t i, start, range;
> - char *catsbuf, *p;
> + char *catsbuf = NULL, *p;
> const char *fmt;
> int len, remaining;
>
> remaining = (int)cats_ebitmap_len(cats, val_to_name);
> + if (remaining == 0) {
> + goto exit;
> + }
> catsbuf = malloc(remaining);
> if (!catsbuf) {
> goto exit;
> diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
> index 5db47fe4..c1253820 100644
> --- a/libsepol/src/kernel_to_conf.c
> +++ b/libsepol/src/kernel_to_conf.c
> @@ -1025,12 +1025,15 @@ static char *cats_ebitmap_to_str(struct ebitmap *cats, char **val_to_name)
> {
> struct ebitmap_node *node;
> uint32_t i, start, range, first;
> - char *catsbuf, *p;
> + char *catsbuf = NULL, *p;
> const char *fmt;
> char sep;
> int len, remaining;
>
> remaining = (int)cats_ebitmap_len(cats, val_to_name);
> + if (remaining == 0) {
> + goto exit;
> + }
> catsbuf = malloc(remaining);
> if (!catsbuf) {
> goto exit;
> --
> 2.32.0
>
