From 5a10f05f53ef78c48ebce3d512960c71100073d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Tue, 6 Jul 2021 19:54:28 +0200 Subject: [PATCH] checkpolicy: check before potential NULL dereference MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit policy_define.c: In function ‘define_te_avtab_extended_perms’: policy_define.c:1946:17: error: potential null pointer dereference [-Werror=null-dereference] 1946 | r->omit = omit; | ^ In the case of `r` being NULL, avrule_read_ioctls() would return with its parameter `rangehead` being a pointer to NULL, which is considered a failure in its caller `avrule_ioctl_ranges`. So it is not necessary to alter the return value. Found by GCC 11 with LTO enabled. Signed-off-by: Christian Göttsche --- checkpolicy/policy_define.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c index 049df55f..88785785 100644 --- a/checkpolicy/policy_define.c +++ b/checkpolicy/policy_define.c @@ -1943,7 +1943,9 @@ int avrule_read_ioctls(struct av_ioctl_range_list **rangehead) } } r = *rangehead; - r->omit = omit; + if (r) { + r->omit = omit; + } return 0; error: yyerror("out of memory");