diff options
| author | Geyslan G. Bem <geyslan@gmail.com> | 2013-11-24 06:37:01 -0500 |
|---|---|---|
| committer | Paul Moore <pmoore@redhat.com> | 2013-11-25 17:00:33 -0500 |
| commit | 8e645c345a4cf6b8b13054b4ec2f6371f05876a9 (patch) | |
| tree | d81d01ba23cb6dc1b12396d4992fea48e1b5b0ee | |
| parent | b5495b4217d3fa64deac479db83dbede149af7d8 (diff) | |
selinux: fix possible memory leak
Free 'ctx_str' when necessary.
Signed-off-by: Geyslan G. Bem <geyslan@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paul Moore <pmoore@redhat.com>
| -rw-r--r-- | security/selinux/xfrm.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index a91d205ec0c6..cf79a4564e38 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c | |||
| @@ -327,19 +327,22 @@ int selinux_xfrm_state_alloc_acquire(struct xfrm_state *x, | |||
| 327 | return rc; | 327 | return rc; |
| 328 | 328 | ||
| 329 | ctx = kmalloc(sizeof(*ctx) + str_len, GFP_ATOMIC); | 329 | ctx = kmalloc(sizeof(*ctx) + str_len, GFP_ATOMIC); |
| 330 | if (!ctx) | 330 | if (!ctx) { |
| 331 | return -ENOMEM; | 331 | rc = -ENOMEM; |
| 332 | goto out; | ||
| 333 | } | ||
| 332 | 334 | ||
| 333 | ctx->ctx_doi = XFRM_SC_DOI_LSM; | 335 | ctx->ctx_doi = XFRM_SC_DOI_LSM; |
| 334 | ctx->ctx_alg = XFRM_SC_ALG_SELINUX; | 336 | ctx->ctx_alg = XFRM_SC_ALG_SELINUX; |
| 335 | ctx->ctx_sid = secid; | 337 | ctx->ctx_sid = secid; |
| 336 | ctx->ctx_len = str_len; | 338 | ctx->ctx_len = str_len; |
| 337 | memcpy(ctx->ctx_str, ctx_str, str_len); | 339 | memcpy(ctx->ctx_str, ctx_str, str_len); |
| 338 | kfree(ctx_str); | ||
| 339 | 340 | ||
| 340 | x->security = ctx; | 341 | x->security = ctx; |
| 341 | atomic_inc(&selinux_xfrm_refcount); | 342 | atomic_inc(&selinux_xfrm_refcount); |
| 342 | return 0; | 343 | out: |
| 344 | kfree(ctx_str); | ||
| 345 | return rc; | ||
| 343 | } | 346 | } |
| 344 | 347 | ||
| 345 | /* | 348 | /* |