selinux: simple cleanup for cond_read_node()

The node->cur_state and len can be read in a single call of next_entry(). And setting len before reading is a dead write so can be eliminated. Signed-off-by: Namhyung Kim <namhyung@kernel.org> (Minor tweak to the length parameter in the call to next_entry()) Signed-off-by: Paul Moore <pmoore@redhat.com> Signed-off-by: Pranav Vashi <neobuddy89@gmail.com>
author: Namhyung Kim <namhyung@kernel.org> 2014-06-15 01:19:01 +0900
committer: Mister Oyster <oysterized@gmail.com> 2017-05-24 02:55:08 +0200
commit: 1d2dc9679e5719e1649335b22dec4daceeeb2dd1 (patch)
tree: 570d7780fe4605ec9143a960aaedd603ec236b67 /security
parent: 1f4f8665b96e6d258f79add4314f43678a8bf967 (diff)
1 files changed, 2 insertions, 7 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index ba7dd9366..d5d4d8316 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -403,19 +403,14 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp)
 	int rc;
 	struct cond_expr *expr = NULL, *last = NULL;
 
-	rc = next_entry(buf, fp, sizeof(u32));
+	rc = next_entry(buf, fp, sizeof(u32) * 2);
 	if (rc)
 		return rc;
 
 	node->cur_state = le32_to_cpu(buf[0]);
 
-	len = 0;
-	rc = next_entry(buf, fp, sizeof(u32));
-	if (rc)
-		return rc;
-
 	/* expr */
-	len = le32_to_cpu(buf[0]);
+	len = le32_to_cpu(buf[1]);
 
 	for (i = 0; i < len; i++) {
 		rc = next_entry(buf, fp, sizeof(u32) * 2);
author	Namhyung Kim <namhyung@kernel.org>	2014-06-15 01:19:01 +0900
committer	Mister Oyster <oysterized@gmail.com>	2017-05-24 02:55:08 +0200
commit	1d2dc9679e5719e1649335b22dec4daceeeb2dd1 (patch)
tree	570d7780fe4605ec9143a960aaedd603ec236b67 /security
parent	1f4f8665b96e6d258f79add4314f43678a8bf967 (diff)