libsepol: Fix error path in mls_semantic_level_expand().

If the level contains a category that is not associated with a sensitivity, the code correctly detects the condition, but does not return an error. Signed-off-by: Chris PeBenito <cpebenito@tresys.com> Acked-by: Steve Lawrence <slawrence@tresys.com>
2024-12-11 13:26:01 +00:00 · 2015-02-22 10:12:23 -05:00 · 2015-02-22 10:12:23 -05:00 · e7694874c2
commit e7694874c2
parent 38bbed0511
1 changed files with 2 additions and 1 deletions
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@ -914,10 +914,11 @@ int mls_semantic_level_expand(mls_semantic_level_t * sl, mls_level_t * l,
 		}
 		for (i = cat->low - 1; i < cat->high; i++) {
 			if (!ebitmap_get_bit(&levdatum->level->cat, i)) {
-				ERR(h, "Category %s can not be associate with "
+				ERR(h, "Category %s can not be associated with "
 				    "level %s",
 				    p->p_cat_val_to_name[i],
 				    p->p_sens_val_to_name[l->sens - 1]);
+				return -1;
 			}
 			if (ebitmap_set_bit(&l->cat, i, 1)) {
 				ERR(h, "Out of memory!");