On 07/06/2017 02:26 PM, Zygmunt Krynicki wrote:
> The verify_header() function has code that ensures all headers in a
> single data chunk passed to aa_unpack() have the same namespace. The
> value pointed by the ns argument is however unconditionally set to NULL
> on each invocation to verify_header(). This effectively makes the code
> that checks for namespace changes from one profile to another, dead
> code.
>
> Since the only caller, aa_unpack(), already initializes *ns = NULL the
> redundant initialization in verify_header() can be safely dropped.
>
> Signed-off-by: Zygmunt Krynicki <zygmunt.kryni...@canonical.com>
Acked-by: John Johansen <john.johan...@canonical.com>
> ---
> security/apparmor/policy_unpack.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/security/apparmor/policy_unpack.c
> b/security/apparmor/policy_unpack.c
> index 981d570eebba..ea7f2ad33b8b 100644
> --- a/security/apparmor/policy_unpack.c
> +++ b/security/apparmor/policy_unpack.c
> @@ -749,7 +749,6 @@ static int verify_header(struct aa_ext *e, int required,
> const char **ns)
> {
> int error = -EPROTONOSUPPORT;
> const char *name = NULL;
> - *ns = NULL;
>
> /* get the interface version */
> if (!unpack_u32(e, &e->version, "version")) {
>
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
