On Mon, Nov 13, 2023 at 4:43 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > On Thu, Nov 9, 2023 at 8:53 AM Christian Göttsche > <cgzones@xxxxxxxxxxxxxx> wrote: > > > > In case the initial calloc(3) call fails the variable mods is still NULL > > while its size hint num_mods is set. > > > > Reported by Clang Analyzer: > > > > semodule_link.c:182:29: warning: Array access (from variable 'mods') results in a null pointer dereference [core.NullDereference] > > 182 | sepol_module_package_free(mods[i]); > > | ^~~~~~~ > > > > Fixes: 63e798a2034a ("semodule_link: update") > > > > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > > For these five patches: > Acked-by: James Carter <jwcart2@xxxxxxxxx> > These five patches have been merged. Thanks, Jim > > --- > > semodule-utils/semodule_link/semodule_link.c | 8 +++++--- > > 1 file changed, 5 insertions(+), 3 deletions(-) > > > > diff --git a/semodule-utils/semodule_link/semodule_link.c b/semodule-utils/semodule_link/semodule_link.c > > index 0f157bd9..58fca34d 100644 > > --- a/semodule-utils/semodule_link/semodule_link.c > > +++ b/semodule-utils/semodule_link/semodule_link.c > > @@ -178,9 +178,11 @@ failure: > > ret = EXIT_FAILURE; > > > > cleanup: > > - for (i = 0; i < num_mods; i++) > > - sepol_module_package_free(mods[i]); > > - free(mods); > > + if (mods) { > > + for (i = 0; i < num_mods; i++) > > + sepol_module_package_free(mods[i]); > > + free(mods); > > + } > > sepol_module_package_free(base); > > > > return ret; > > -- > > 2.42.0 > >