Gcc's "threading" of conditionals can lead to undue warnings, as reported in e.g. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116519 (no matter that the overall situation is different there). While my gcc15 complains ("buf[2] may be used uninitialized in this function") about only two of the three instances (not about the one in type_read()), adjust all three to be on the safe side.
Signed-off-by: Jan Beulich <[email protected]> --- While auditing uses of next_entry(), I noticed POLICYDB_VERSION_ROLETRANS dependent ones in policydb_read(): How come the 4th slot isn't used at all there (not even checked for being e.g. zero, i.e. holding no useful data)? Then again other instances can be found where data is read but outright ignored. --- a/xen/xsm/flask/ss/policydb.c +++ b/xen/xsm/flask/ss/policydb.c @@ -1271,7 +1271,10 @@ static int cf_check role_read(struct pol if ( ver >= POLICYDB_VERSION_BOUNDARY ) rc = next_entry(buf, fp, sizeof(buf[0]) * 3); else + { rc = next_entry(buf, fp, sizeof(buf[0]) * 2); + buf[2] = cpu_to_le32(0); /* gcc14 onwards */ + } if ( rc < 0 ) goto bad; @@ -1342,7 +1345,10 @@ static int cf_check type_read(struct pol if ( ver >= POLICYDB_VERSION_BOUNDARY ) rc = next_entry(buf, fp, sizeof(buf[0]) * 4); else + { rc = next_entry(buf, fp, sizeof(buf[0]) * 3); + buf[3] = cpu_to_le32(0); /* gcc14 onwards */ + } if ( rc < 0 ) goto bad; @@ -1436,7 +1442,10 @@ static int cf_check user_read(struct pol if ( ver >= POLICYDB_VERSION_BOUNDARY ) rc = next_entry(buf, fp, sizeof(buf[0]) * 3); else + { rc = next_entry(buf, fp, sizeof(buf[0]) * 2); + buf[2] = cpu_to_le32(0); /* gcc14 onwards */ + } if ( rc < 0 ) goto bad;
