aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2008-09-03 11:49:47 -0400
committerJames Morris <jmorris@namei.org>2008-09-03 18:35:13 -0400
commit8e531af90f3940615623dc0aa6c94866a6773601 (patch)
treed618b12f26648de917cbec53677c734362e6bfc2
parentec0c15afb41fd9ad45b53468b60db50170e22346 (diff)
SELinux: memory leak in security_context_to_sid_core
Fix a bug and a philosophical decision about who handles errors. security_context_to_sid_core() was leaking a context in the common case. This was causing problems on fedora systems which recently have started making extensive use of this function. In discussion it was decided that if string_to_context_struct() had an error it was its own responsibility to clean up any mess it created along the way. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/selinux/ss/services.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index b52f923ce680..d11a8154500f 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -811,11 +811,12 @@ static int string_to_context_struct(struct policydb *pol,
811 /* Check the validity of the new context. */ 811 /* Check the validity of the new context. */
812 if (!policydb_context_isvalid(pol, ctx)) { 812 if (!policydb_context_isvalid(pol, ctx)) {
813 rc = -EINVAL; 813 rc = -EINVAL;
814 context_destroy(ctx);
815 goto out; 814 goto out;
816 } 815 }
817 rc = 0; 816 rc = 0;
818out: 817out:
818 if (rc)
819 context_destroy(ctx);
819 return rc; 820 return rc;
820} 821}
821 822
@@ -868,8 +869,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len,
868 } else if (rc) 869 } else if (rc)
869 goto out; 870 goto out;
870 rc = sidtab_context_to_sid(&sidtab, &context, sid); 871 rc = sidtab_context_to_sid(&sidtab, &context, sid);
871 if (rc) 872 context_destroy(&context);
872 context_destroy(&context);
873out: 873out:
874 read_unlock(&policy_rwlock); 874 read_unlock(&policy_rwlock);
875 kfree(scontext2); 875 kfree(scontext2);