On Mon, Jan 22, 2024 at 9:02 AM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> Only assign the computed value on success, since it is not set by
> declare_symbol() on failure.
>
> Reported by GCC:
>
> module_compiler.c: In function 'create_role':
> module_compiler.c:287:24: warning: use of uninitialized value 'value' [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
> 287 | datum->s.value = value;
> | ~~~~~~~~~~~~~~~^~~~~~~
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> checkpolicy/module_compiler.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
> index 464897cc..6ff91b8f 100644
> --- a/checkpolicy/module_compiler.c
> +++ b/checkpolicy/module_compiler.c
> @@ -284,9 +284,8 @@ static int create_role(uint32_t scope, unsigned char isattr, role_datum_t **role
> ret = require_symbol(SYM_ROLES, id, datum, &value, &value);
> }
>
> - datum->s.value = value;
> -
> if (ret == 0) {
> + datum->s.value = value;
> *role = datum;
> *key = strdup(id);
> if (*key == NULL) {
> @@ -303,6 +302,7 @@ static int create_role(uint32_t scope, unsigned char isattr, role_datum_t **role
> free(datum);
> return -1;
> }
> + datum->s.value = value;
> *role = datum;
> *key = id;
> } else {
> @@ -529,9 +529,8 @@ static int create_user(uint32_t scope, user_datum_t **user, char **key)
> ret = require_symbol(SYM_USERS, id, datum, &value, &value);
> }
>
> - datum->s.value = value;
> -
> if (ret == 0) {
> + datum->s.value = value;
> *user = datum;
> *key = strdup(id);
> if (*key == NULL) {
> @@ -539,6 +538,7 @@ static int create_user(uint32_t scope, user_datum_t **user, char **key)
> return -1;
> }
> } else if (ret == 1) {
> + datum->s.value = value;
> *user = datum;
> *key = id;
> } else {
> --
> 2.43.0
>
>
