On Mon, Oct 28, 2024 at 1:15 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > On Fri, Oct 25, 2024 at 2:31 PM Vit Mojzis <vmojzis@xxxxxxxxxx> wrote: > > > > Fixes: > > Error: IDENTICAL_BRANCHES (CWE-398): > > libselinux-3.6/src/setexecfilecon.c:45: implicit_else: The code from the above if-then branch is identical to the code after the if statement. > > libselinux-3.6/src/setexecfilecon.c:43: identical_branches: The same code is executed when the condition "rc < 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed? > > \# 41| > > \# 42| rc = setexeccon(newcon); > > \# 43|-> if (rc < 0) > > \# 44| goto out; > > \# 45| out: > > > > Signed-off-by: Vit Mojzis <vmojzis@xxxxxxxxxx> > > For these two patches: > Acked-by: James Carter <jwcart2@xxxxxxxxx> > These two patches have been merged. Thanks, Jim > > --- > > libselinux/src/setexecfilecon.c | 2 -- > > 1 file changed, 2 deletions(-) > > > > diff --git a/libselinux/src/setexecfilecon.c b/libselinux/src/setexecfilecon.c > > index 2c6505a9..4b31e775 100644 > > --- a/libselinux/src/setexecfilecon.c > > +++ b/libselinux/src/setexecfilecon.c > > @@ -40,8 +40,6 @@ int setexecfilecon(const char *filename, const char *fallback_type) > > } > > > > rc = setexeccon(newcon); > > - if (rc < 0) > > - goto out; > > out: > > > > if (rc < 0 && security_getenforce() == 0) > > -- > > 2.47.0 > > > >
