policycoreutils: sestatus: rewrite to shut up coverity

The code did:

len = strlen(string);
new_string = malloc(len);
strncpy(new_string, string, len - 1)

Which is perfectly legal, but it pissed off coverity because 99/100
times if you do new_string = malloc(strlen(string)) you are doing it
wrong (you didn't leave room for the nul).  I rewrote that area to just
use strdup and then to blank out the last character with a nul.  It's
clear what's going on and nothing looks 'tricky'.  It does cost us 1
byte of heap allocation.  I think we can live with that to have safer
looking string handling code.

Signed-off-by: Eric Paris <eparis@redhat.com>

policycoreutils/sestatus/sestatus.c

@@ -172,7 +172,7 @@ void printf_tab(const char *outp)
 int main(int argc, char **argv)
 {
 	/* these vars are reused several times */
-	int rc, opt, i, c, size;
+	int rc, opt, i, c;
 	char *context, *root_path;
 
 	/* files that need context checks */
@@ -244,22 +244,21 @@ int main(int argc, char **argv)
 	}
 
 	printf_tab("SELinux root directory:");
-	if ((root_dir = selinux_path()) != NULL) {
+	root_dir = selinux_path();
-		/* The path has a trailing '/' so remove it */
+	if (root_dir == NULL) {
-		size = strlen(root_dir);
+		printf("error (%s)\n", strerror(errno));
-		root_path = malloc(size);
+		return -1;
+	}
+	/* The path has a trailing '/' so duplicate to edit */
+	root_path = strdup(root_dir);
 	if (!root_path) {
 		printf("malloc error (%s)\n", strerror(errno));
 		return -1;
 	}
-		memset(root_path, 0, size);
+	/* actually blank the '/' */
-		strncpy(root_path, root_dir, (size-1)) ;
+	root_path[strlen(root_path) - 1] = '\0';
 	printf("%s\n", root_path);
 	free(root_path);
-	} else {
-			printf("error (%s)\n", strerror(errno));
-		return -1;
-	}
 
 	/* Dump all the path information */
 	printf_tab("Loaded policy name:");