libselinux/0028-libselinux-setexecfilecon-remove-unnecessary-if.patch
Petr Lautrbach 3b5b188591 libselinux-3.2-3
- selinux_check_passwd_access_internal(): respect deny_unknown
- Silence -Wstringop-overflow warning from gcc 10.3.1
- Fixed misc compiler and static analyzer findings

Resolves: rhbz#1938789
2021-05-25 15:44:10 +02:00

40 lines
1.3 KiB
Diff

From 44760b7ef671b83eb7d1168b07d849d1d887b54f Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Tue, 25 May 2021 14:55:02 +0200
Subject: [PATCH] libselinux/setexecfilecon: remove unnecessary if
Fixes:
Error: IDENTICAL_BRANCHES (CWE-398): [#def2]
libselinux/src/setexecfilecon.c:46: implicit_else: The code from the above if-then branch is identical to the code after the if statement.
libselinux/src/setexecfilecon.c:44: identical_branches: The same code is executed when the condition "rc < 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
# 42|
# 43| rc = setexeccon(newcon);
# 44|-> if (rc < 0)
# 45| goto out;
# 46| out:
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
---
libselinux/src/setexecfilecon.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/libselinux/src/setexecfilecon.c b/libselinux/src/setexecfilecon.c
index 2c6505a96a48..669d426065f6 100644
--- a/libselinux/src/setexecfilecon.c
+++ b/libselinux/src/setexecfilecon.c
@@ -40,9 +40,8 @@ int setexecfilecon(const char *filename, const char *fallback_type)
}
rc = setexeccon(newcon);
- if (rc < 0)
- goto out;
- out:
+
+ out:
if (rc < 0 && security_getenforce() == 0)
rc = 0;
--
2.32.0.rc1