checkpolicy: avoid assigning garbage values

Only assign the computed value on success, since it is not set by declare_symbol() on failure. Reported by GCC: module_compiler.c: In function 'create_role': module_compiler.c:287:24: warning: use of uninitialized value 'value' [CWE-457] [-Wanalyzer-use-of-uninitialized-value] 287 | datum->s.value = value; | ~~~~~~~~~~~~~~~^~~~~~~ Signed-off-by: Christian Göttsche <[email protected]> Acked-by: James Carter <[email protected]>
SELinuxProject · Mar 4, 2024 · 22f7bb8 · 22f7bb8
1 parent 63207ce
commit 22f7bb8
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
@@ -284,9 +284,8 @@ static int create_role(uint32_t scope, unsigned char isattr, role_datum_t **role
  ret = require_symbol(SYM_ROLES, id, datum, &value, &value);
  }
 
- datum->s.value = value;
-
  if (ret == 0) {
+ datum->s.value = value;
  *role = datum;
  *key = strdup(id);
  if (*key == NULL) {
@@ -303,6 +302,7 @@ static int create_role(uint32_t scope, unsigned char isattr, role_datum_t **role
  free(datum);
  return -1;
  }
+ datum->s.value = value;
  *role = datum;
  *key = id;
  } else {
@@ -529,16 +529,16 @@ static int create_user(uint32_t scope, user_datum_t **user, char **key)
  ret = require_symbol(SYM_USERS, id, datum, &value, &value);
  }
 
- datum->s.value = value;
-
  if (ret == 0) {
+ datum->s.value = value;
  *user = datum;
  *key = strdup(id);
  if (*key == NULL) {
  yyerror("Out of memory!");
  return -1;
  }
  } else if (ret == 1) {
+ datum->s.value = value;
  *user = datum;
  *key = id;
  } else {