From 1458746f0553bacf7aca7a4b37ed37c92b04f99c Mon Sep 17 00:00:00 2001
From: Marc Hartmayer <mhartmay@linux.ibm.com>
Date: Tue, 13 Nov 2018 17:32:29 +0100
Subject: [PATCH] virSecuritySELinuxTransactionCommit: Return -1 if no
 transaction is set

Return -1 and report an error message if no transaction is set and
virSecuritySELinuxTransactionCommit is called.

The function description of virSecuritySELinuxTransactionCommit says:

  "Also it is considered as error if there's no transaction set and this
   function is called."

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
---
 src/security/security_selinux.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index c09404f6f8..780d650c69 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1094,8 +1094,11 @@ virSecuritySELinuxTransactionCommit(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
     int ret = -1;
 
     list = virThreadLocalGet(&contextList);
-    if (!list)
-        return 0;
+    if (!list) {
+        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                       _("No transaction is set"));
+        return -1;
+    }
 
     if (virThreadLocalSet(&contextList, NULL) < 0) {
         virReportSystemError(errno, "%s",