expand_terule_helper: cleanups

1. Use the new helper to convert from AVRULE to AVTAB values.
2. Only check once for invalid AVRULE specified parameter.
3. Drop assert and just return error on invalid specification.

Signed-off-by: William Roberts <william.c.roberts@intel.com>

libsepol/src/expand.c

@@ -1691,26 +1691,22 @@ static int expand_terule_helper(sepol_handle_t * handle,
 	avtab_ptr_t node;
 	class_perm_node_t *cur;
 	int conflict;
-	uint32_t oldtype = 0, spec = 0;
+	uint32_t oldtype = 0;
 
-	if (specified & AVRULE_TRANSITION) {
+	if (!(specified & (AVRULE_TRANSITION|AVRULE_MEMBER|AVRULE_CHANGE))) {
-		spec = AVTAB_TRANSITION;
+		ERR(handle, "Invalid specification: %"PRIu32"\n", specified);
-	} else if (specified & AVRULE_MEMBER) {
+		return EXPAND_RULE_ERROR;
-		spec = AVTAB_MEMBER;
-	} else if (specified & AVRULE_CHANGE) {
-		spec = AVTAB_CHANGE;
-	} else {
-		assert(0);	/* unreachable */
 	}
 
+	avkey.specified = avrule_to_avtab_spec(specified);
+	avkey.source_type = stype + 1;
+	avkey.target_type = ttype + 1;
+
 	cur = perms;
 	while (cur) {
 		uint32_t remapped_data =
 		    typemap ? typemap[cur->data - 1] : cur->data;
-		avkey.source_type = stype + 1;
-		avkey.target_type = ttype + 1;
 		avkey.target_class = cur->tclass;
-		avkey.specified = spec;
 
 		conflict = 0;
 		/* check to see if the expanded TE already exists --
@@ -1772,15 +1768,7 @@ static int expand_terule_helper(sepol_handle_t * handle,
 		}
 
 		avdatump = &node->datum;
-		if (specified & AVRULE_TRANSITION) {
+		avdatump->data = remapped_data;
-			avdatump->data = remapped_data;
-		} else if (specified & AVRULE_MEMBER) {
-			avdatump->data = remapped_data;
-		} else if (specified & AVRULE_CHANGE) {
-			avdatump->data = remapped_data;
-		} else {
-			assert(0);	/* should never occur */
-		}
 
 		cur = cur->next;
 	}