| Message ID | 20190203110152.15064-1-nicolas.iooss@m4x.org (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Petr Lautrbach |
| Headers | show |
| Series | [1/1] libsepol: do not use uninitialized value for low_value | expand |
On 2/3/19 6:01 AM, Nicolas Iooss wrote: > clang's static analyzer reports a warning when low_bit is used without > having been initialized in statements such as: > > low_value = low_bit << 8; > > The warning is: "Result of operation is garbage or undefined". > > This is caused by low_bit being only initialized when in_range is true. > This issue is not critical because low_value is only used in an > "if (in_range)" block. Silence this warning by moving low_value's > assignment inside this block. > > Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> Acked-by: James Carter <jwcart2@tycho.nsa.gov> > --- > libsepol/src/kernel_to_cil.c | 4 ++-- > libsepol/src/module_to_cil.c | 4 ++-- > libsepol/src/util.c | 4 ++-- > 3 files changed, 6 insertions(+), 6 deletions(-) > > diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c > index 63e4d4899758..cd3554e8dfd9 100644 > --- a/libsepol/src/kernel_to_cil.c > +++ b/libsepol/src/kernel_to_cil.c > @@ -1614,8 +1614,8 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms) > > if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { > value = xperms->driver<<8 | bit; > - low_value = xperms->driver<<8 | low_bit; > if (in_range) { > + low_value = xperms->driver<<8 | low_bit; > len = snprintf(p, remaining, " (range 0x%hx 0x%hx)", low_value, value); > in_range = 0; > } else { > @@ -1623,8 +1623,8 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms) > } > } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { > value = bit << 8; > - low_value = low_bit << 8; > if (in_range) { > + low_value = low_bit << 8; > len = snprintf(p, remaining, " (range 0x%hx 0x%hx)", low_value, (uint16_t) (value|0xff)); > in_range = 0; > } else { > diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c > index 4cb44e0ee657..f04589edaeff 100644 > --- a/libsepol/src/module_to_cil.c > +++ b/libsepol/src/module_to_cil.c > @@ -655,8 +655,8 @@ static int xperms_to_cil(const av_extended_perms_t *xperms) > > if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { > value = xperms->driver<<8 | bit; > - low_value = xperms->driver<<8 | low_bit; > if (in_range) { > + low_value = xperms->driver<<8 | low_bit; > cil_printf("(range 0x%hx 0x%hx)", low_value, value); > in_range = 0; > } else { > @@ -664,8 +664,8 @@ static int xperms_to_cil(const av_extended_perms_t *xperms) > } > } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { > value = bit << 8; > - low_value = low_bit << 8; > if (in_range) { > + low_value = low_bit << 8; > cil_printf("(range 0x%hx 0x%hx)", low_value, (uint16_t) (value|0xff)); > in_range = 0; > } else { > diff --git a/libsepol/src/util.c b/libsepol/src/util.c > index b00251c69aa5..a4008882b94b 100644 > --- a/libsepol/src/util.c > +++ b/libsepol/src/util.c > @@ -159,16 +159,16 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms) > > if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { > value = xperms->driver<<8 | bit; > - low_value = xperms->driver<<8 | low_bit; > if (in_range) { > + low_value = xperms->driver<<8 | low_bit; > len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", low_value, value); > } else { > len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx ", value); > } > } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { > value = bit << 8; > - low_value = low_bit << 8; > if (in_range) { > + low_value = low_bit << 8; > len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", low_value, (uint16_t) (value|0xff)); > } else { > len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", value, (uint16_t) (value|0xff)); >
jwcart2 <jwcart2@tycho.nsa.gov> writes: > On 2/3/19 6:01 AM, Nicolas Iooss wrote: >> clang's static analyzer reports a warning when low_bit is used without >> having been initialized in statements such as: >> >> low_value = low_bit << 8; >> >> The warning is: "Result of operation is garbage or undefined". >> >> This is caused by low_bit being only initialized when in_range is true. >> This issue is not critical because low_value is only used in an >> "if (in_range)" block. Silence this warning by moving low_value's >> assignment inside this block. >> >> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> > > Acked-by: James Carter <jwcart2@tycho.nsa.gov> Merged. > >> --- >> libsepol/src/kernel_to_cil.c | 4 ++-- >> libsepol/src/module_to_cil.c | 4 ++-- >> libsepol/src/util.c | 4 ++-- >> 3 files changed, 6 insertions(+), 6 deletions(-) >> >> diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c >> index 63e4d4899758..cd3554e8dfd9 100644 >> --- a/libsepol/src/kernel_to_cil.c >> +++ b/libsepol/src/kernel_to_cil.c >> @@ -1614,8 +1614,8 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms) >> if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { >> value = xperms->driver<<8 | bit; >> - low_value = xperms->driver<<8 | low_bit; >> if (in_range) { >> + low_value = xperms->driver<<8 | low_bit; >> len = snprintf(p, remaining, " (range 0x%hx 0x%hx)", low_value, value); >> in_range = 0; >> } else { >> @@ -1623,8 +1623,8 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms) >> } >> } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { >> value = bit << 8; >> - low_value = low_bit << 8; >> if (in_range) { >> + low_value = low_bit << 8; >> len = snprintf(p, remaining, " (range 0x%hx 0x%hx)", low_value, (uint16_t) (value|0xff)); >> in_range = 0; >> } else { >> diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c >> index 4cb44e0ee657..f04589edaeff 100644 >> --- a/libsepol/src/module_to_cil.c >> +++ b/libsepol/src/module_to_cil.c >> @@ -655,8 +655,8 @@ static int xperms_to_cil(const av_extended_perms_t *xperms) >> if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { >> value = xperms->driver<<8 | bit; >> - low_value = xperms->driver<<8 | low_bit; >> if (in_range) { >> + low_value = xperms->driver<<8 | low_bit; >> cil_printf("(range 0x%hx 0x%hx)", low_value, value); >> in_range = 0; >> } else { >> @@ -664,8 +664,8 @@ static int xperms_to_cil(const av_extended_perms_t *xperms) >> } >> } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { >> value = bit << 8; >> - low_value = low_bit << 8; >> if (in_range) { >> + low_value = low_bit << 8; >> cil_printf("(range 0x%hx 0x%hx)", low_value, (uint16_t) (value|0xff)); >> in_range = 0; >> } else { >> diff --git a/libsepol/src/util.c b/libsepol/src/util.c >> index b00251c69aa5..a4008882b94b 100644 >> --- a/libsepol/src/util.c >> +++ b/libsepol/src/util.c >> @@ -159,16 +159,16 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms) >> if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { >> value = xperms->driver<<8 | bit; >> - low_value = xperms->driver<<8 | low_bit; >> if (in_range) { >> + low_value = xperms->driver<<8 | low_bit; >> len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", low_value, value); >> } else { >> len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx ", value); >> } >> } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { >> value = bit << 8; >> - low_value = low_bit << 8; >> if (in_range) { >> + low_value = low_bit << 8; >> len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", low_value, (uint16_t) (value|0xff)); >> } else { >> len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", value, (uint16_t) (value|0xff)); >>
diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index 63e4d4899758..cd3554e8dfd9 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -1614,8 +1614,8 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms) if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { value = xperms->driver<<8 | bit; - low_value = xperms->driver<<8 | low_bit; if (in_range) { + low_value = xperms->driver<<8 | low_bit; len = snprintf(p, remaining, " (range 0x%hx 0x%hx)", low_value, value); in_range = 0; } else { @@ -1623,8 +1623,8 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms) } } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { value = bit << 8; - low_value = low_bit << 8; if (in_range) { + low_value = low_bit << 8; len = snprintf(p, remaining, " (range 0x%hx 0x%hx)", low_value, (uint16_t) (value|0xff)); in_range = 0; } else { diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c index 4cb44e0ee657..f04589edaeff 100644 --- a/libsepol/src/module_to_cil.c +++ b/libsepol/src/module_to_cil.c @@ -655,8 +655,8 @@ static int xperms_to_cil(const av_extended_perms_t *xperms) if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { value = xperms->driver<<8 | bit; - low_value = xperms->driver<<8 | low_bit; if (in_range) { + low_value = xperms->driver<<8 | low_bit; cil_printf("(range 0x%hx 0x%hx)", low_value, value); in_range = 0; } else { @@ -664,8 +664,8 @@ static int xperms_to_cil(const av_extended_perms_t *xperms) } } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { value = bit << 8; - low_value = low_bit << 8; if (in_range) { + low_value = low_bit << 8; cil_printf("(range 0x%hx 0x%hx)", low_value, (uint16_t) (value|0xff)); in_range = 0; } else { diff --git a/libsepol/src/util.c b/libsepol/src/util.c index b00251c69aa5..a4008882b94b 100644 --- a/libsepol/src/util.c +++ b/libsepol/src/util.c @@ -159,16 +159,16 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms) if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION) { value = xperms->driver<<8 | bit; - low_value = xperms->driver<<8 | low_bit; if (in_range) { + low_value = xperms->driver<<8 | low_bit; len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", low_value, value); } else { len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx ", value); } } else if (xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) { value = bit << 8; - low_value = low_bit << 8; if (in_range) { + low_value = low_bit << 8; len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", low_value, (uint16_t) (value|0xff)); } else { len = snprintf(p, sizeof(xpermsbuf) - xpermslen, "0x%hx-0x%hx ", value, (uint16_t) (value|0xff));
clang's static analyzer reports a warning when low_bit is used without having been initialized in statements such as: low_value = low_bit << 8; The warning is: "Result of operation is garbage or undefined". This is caused by low_bit being only initialized when in_range is true. This issue is not critical because low_value is only used in an "if (in_range)" block. Silence this warning by moving low_value's assignment inside this block. Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> --- libsepol/src/kernel_to_cil.c | 4 ++-- libsepol/src/module_to_cil.c | 4 ++-- libsepol/src/util.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-)