-
Bug
-
Resolution: Done-Errata
-
Normal
-
rhel-9.4
-
libsepol-3.6-3.el9
-
None
-
Low
-
2
-
rhel-security-selinux
-
ssg_security
-
5
-
2
-
QE ack
-
False
-
False
-
-
No
-
CY24Q2, SELINUX 250402: 4
-
Unspecified Release Note Type - Unknown
-
None
Error: UNINIT (CWE-457): [#def83] [important] libsepol-3.6/src/mls.c:673: alloc_fn: Calling "malloc" which returns uninitialized memory. libsepol-3.6/src/mls.c:673: assign: Assigning: "ctx1" = "malloc(64UL)", which points to uninitialized data. libsepol-3.6/src/mls.c:699: uninit_use_in_call: Using uninitialized value "ctx1->range.level[0].cat.node" when calling "context_destroy". # 697| ERR(handle, "could not check if mls context %s contains %s", # 698| mls1, mls2); # 699|-> context_destroy(ctx1); # 700| context_destroy(ctx2); # 701| free(ctx1);
Error: UNINIT (CWE-457): [#def84] [important] libsepol-3.6/src/mls.c:674: alloc_fn: Calling "malloc" which returns uninitialized memory. libsepol-3.6/src/mls.c:674: assign: Assigning: "ctx2" = "malloc(64UL)", which points to uninitialized data. libsepol-3.6/src/mls.c:700: uninit_use_in_call: Using uninitialized value "ctx2->range.level[0].cat.node" when calling "context_destroy". # 698| mls1, mls2); # 699| context_destroy(ctx1); # 700|-> context_destroy(ctx2); # 701| free(ctx1); # 702| free(ctx2);
Error: UNINIT (CWE-457): [#def9] [important]
libsepol-3.6/cil/src/cil_binary.c:1348: var_decl: Declaring variable "avtab_datum" without initializer.
libsepol-3.6/cil/src/cil_binary.c:1384: uninit_use_in_call: Using uninitialized value "avtab_datum". Field "avtab_datum.xperms" is uninitialized when calling "__cil_cond_insert_rule".
# 1382| } else {
# 1383| avtab_datum.data = data;
# 1384|-> rc = __cil_cond_insert_rule(&pdb->te_cond_avtab, &avtab_key, &avtab_datum, cond_node, cond_flavor);
# 1385| }
# 1386|
Error: UNINIT (CWE-457): [#def6] [important] libsepol-3.6/cil/src/cil_binary.c:977: var_decl: Declaring variable "avtab_datum" without initializer. libsepol-3.6/cil/src/cil_binary.c:1059: uninit_use_in_call: Using uninitialized value "avtab_datum". Field "avtab_datum.xperms" is uninitialized when calling "__cil_cond_insert_rule". # 1057| } # 1058| } # 1059|-> rc = __cil_cond_insert_rule(&pdb->te_cond_avtab, &avtab_key, &avtab_datum, cond_node, cond_flavor); # 1060| } # 1061|
Error: UNINIT (CWE-457): [#def47] [important]
libsepol-3.6/cil/src/cil_post.c:1307: var_decl: Declaring variable "tmp" without initializer.
libsepol-3.6/cil/src/cil_post.c:1380: uninit_use_in_call: Using uninitialized value "tmp.node" when calling "ebitmap_destroy".
# 1378| if (rc != SEPOL_OK) {
# 1379| cil_log(CIL_INFO, "Failed to apply operator to bitmaps\n");
# 1380|-> ebitmap_destroy(&tmp);
# 1381| goto exit;
# 1382| }
Error: UNINIT (CWE-457): [#def70] [important]
libsepol-3.6/src/kernel_to_cil.c:1427: var_decl: Declaring variable "strs" without initializer.
libsepol-3.6/src/kernel_to_cil.c:1475: uninit_use_in_call: Using uninitialized value "strs" when calling "strs_destroy".
# 1473|
# 1474| exit:
# 1475|-> strs_destroy(&strs);
# 1476|
# 1477| if (rc != 0) {
Error: UNINIT (CWE-457): [#def73] [important]
libsepol-3.6/src/kernel_to_conf.c:1410: var_decl: Declaring variable "strs" without initializer.
libsepol-3.6/src/kernel_to_conf.c:1449: uninit_use_in_call: Using uninitialized value "strs" when calling "strs_destroy".
# 1447|
# 1448| exit:
# 1449|-> strs_destroy(&strs);
# 1450|
# 1451| if (rc != 0) {
- is cloned by
-
-
- Closed
-
- links to
-
RHBA-2025:147390
libsepol update