On Thu, Nov 9, 2023 at 8:53 AM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> In case the initial calloc(3) call fails the variable mods is still NULL
> while its size hint num_mods is set.
>
> Reported by Clang Analyzer:
>
> semodule_link.c:182:29: warning: Array access (from variable 'mods') results in a null pointer dereference [core.NullDereference]
> 182 | sepol_module_package_free(mods[i]);
> | ^~~~~~~
>
> Fixes: 63e798a2034a ("semodule_link: update")
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
For these five patches:
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> semodule-utils/semodule_link/semodule_link.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/semodule-utils/semodule_link/semodule_link.c b/semodule-utils/semodule_link/semodule_link.c
> index 0f157bd9..58fca34d 100644
> --- a/semodule-utils/semodule_link/semodule_link.c
> +++ b/semodule-utils/semodule_link/semodule_link.c
> @@ -178,9 +178,11 @@ failure:
> ret = EXIT_FAILURE;
>
> cleanup:
> - for (i = 0; i < num_mods; i++)
> - sepol_module_package_free(mods[i]);
> - free(mods);
> + if (mods) {
> + for (i = 0; i < num_mods; i++)
> + sepol_module_package_free(mods[i]);
> + free(mods);
> + }
> sepol_module_package_free(base);
>
> return ret;
> --
> 2.42.0
>
