Re: [PATCH 14/15] checkpolicy: avoid assigning garbage values

James Carter <jwcart2@xxxxxxxxx> · Mon, 4 Mar 2024 14:20:35 -0500



On Tue, Feb 13, 2024 at 3:38 PM James Carter <jwcart2@xxxxxxxxx> wrote:
>
> On Mon, Jan 22, 2024 at 9:02 AM Christian Göttsche
> <cgzones@xxxxxxxxxxxxxx> wrote:
> >
> > Only assign the computed value on success, since it is not set by
> > declare_symbol() on failure.
> >
> > Reported by GCC:
> >
> >     module_compiler.c: In function 'create_role':
> >     module_compiler.c:287:24: warning: use of uninitialized value 'value' [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
> >       287 |         datum->s.value = value;
> >           |         ~~~~~~~~~~~~~~~^~~~~~~
> >
> > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>
> Acked-by: James Carter <jwcart2@xxxxxxxxx>
>
Merged.
Thanks,
Jim

> > ---
> >  checkpolicy/module_compiler.c | 8 ++++----
> >  1 file changed, 4 insertions(+), 4 deletions(-)
> >
> > diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
> > index 464897cc..6ff91b8f 100644
> > --- a/checkpolicy/module_compiler.c
> > +++ b/checkpolicy/module_compiler.c
> > @@ -284,9 +284,8 @@ static int create_role(uint32_t scope, unsigned char isattr, role_datum_t **role
> >                 ret = require_symbol(SYM_ROLES, id, datum, &value, &value);
> >         }
> >
> > -       datum->s.value = value;
> > -
> >         if (ret == 0) {
> > +               datum->s.value = value;
> >                 *role = datum;
> >                 *key = strdup(id);
> >                 if (*key == NULL) {
> > @@ -303,6 +302,7 @@ static int create_role(uint32_t scope, unsigned char isattr, role_datum_t **role
> >                         free(datum);
> >                         return -1;
> >                 }
> > +               datum->s.value = value;
> >                 *role = datum;
> >                 *key = id;
> >         } else {
> > @@ -529,9 +529,8 @@ static int create_user(uint32_t scope, user_datum_t **user, char **key)
> >                 ret = require_symbol(SYM_USERS, id, datum, &value, &value);
> >         }
> >
> > -       datum->s.value = value;
> > -
> >         if (ret == 0) {
> > +               datum->s.value = value;
> >                 *user = datum;
> >                 *key = strdup(id);
> >                 if (*key == NULL) {
> > @@ -539,6 +538,7 @@ static int create_user(uint32_t scope, user_datum_t **user, char **key)
> >                         return -1;
> >                 }
> >         } else if (ret == 1) {
> > +               datum->s.value = value;
> >                 *user = datum;
> >                 *key = id;
> >         } else {
> > --
> > 2.43.0
> >
> >