From 28969677754ab5bf627d79a9bc41a1a316879c4d Mon Sep 17 00:00:00 2001 From: Nick Kralevich via Selinux Date: Mon, 24 Sep 2018 11:10:52 -0700 Subject: [PATCH] secilc: better error handling Fix a situation where the secilc command line tool could return success even though the compilation failed. $ secilc /dev/null -o /dev/null -f /dev/null Failure reading file: /dev/null $ echo $? 0 Signed-off-by: Nick Kralevich --- secilc/secilc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/secilc/secilc.c b/secilc/secilc.c index e1347205..ad6862ba 100644 --- a/secilc/secilc.c +++ b/secilc/secilc.c @@ -257,6 +257,7 @@ int main(int argc, char *argv[]) rc = stat(argv[i], &filedata); if (rc == -1) { fprintf(stderr, "Could not stat file: %s\n", argv[i]); + rc = SEPOL_ERR; goto exit; } file_size = filedata.st_size; @@ -265,6 +266,7 @@ int main(int argc, char *argv[]) rc = fread(buffer, file_size, 1, file); if (rc != 1) { fprintf(stderr, "Failure reading file: %s\n", argv[i]); + rc = SEPOL_ERR; goto exit; } fclose(file); @@ -345,11 +347,13 @@ int main(int argc, char *argv[]) if (file_contexts == NULL) { fprintf(stderr, "Failed to open file_contexts file\n"); + rc = SEPOL_ERR; goto exit; } if (fwrite(fc_buf, sizeof(char), fc_size, file_contexts) != fc_size) { fprintf(stderr, "Failed to write file_contexts file\n"); + rc = SEPOL_ERR; goto exit; }