aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2007-08-01 11:12:59 -0400
committerJames Morris <jmorris@namei.org>2007-08-02 11:52:26 -0400
commite6e0871cce2ae04f5790543ad2f4ec36b23260ba (patch)
tree0af9d48482dbdb8b949fb673eb5bf48fd5611cc5
parent088999e98b8caecd31adc3b62223a228555c5ab7 (diff)
Net/Security: fix memory leaks from security_secid_to_secctx()
The security_secid_to_secctx() function returns memory that must be freed by a call to security_release_secctx() which was not always happening. This patch fixes two of these problems (all that I could find in the kernel source at present). Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--net/netlabel/netlabel_user.c4
-rw-r--r--net/xfrm/xfrm_policy.c5
2 files changed, 6 insertions, 3 deletions
diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c
index 89dcc485653..85a96a3fdda 100644
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type,
113 if (audit_info->secid != 0 && 113 if (audit_info->secid != 0 &&
114 security_secid_to_secctx(audit_info->secid, 114 security_secid_to_secctx(audit_info->secid,
115 &secctx, 115 &secctx,
116 &secctx_len) == 0) 116 &secctx_len) == 0) {
117 audit_log_format(audit_buf, " subj=%s", secctx); 117 audit_log_format(audit_buf, " subj=%s", secctx);
118 security_release_secctx(secctx, secctx_len);
119 }
118 120
119 return audit_buf; 121 return audit_buf;
120} 122}
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 95a47304336..e5a3be03aa0 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int result,
2195 } 2195 }
2196 2196
2197 if (sid != 0 && 2197 if (sid != 0 &&
2198 security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) 2198 security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) {
2199 audit_log_format(audit_buf, " subj=%s", secctx); 2199 audit_log_format(audit_buf, " subj=%s", secctx);
2200 else 2200 security_release_secctx(secctx, secctx_len);
2201 } else
2201 audit_log_task_context(audit_buf); 2202 audit_log_task_context(audit_buf);
2202 2203
2203 if (xp) { 2204 if (xp) {