kernel/auditfilter.c: fix leak in audit_add_rule() error path

If both 'tree' and 'watch' are valid we must call audit_put_tree(), just
like the preceding code within audit_add_rule().

Signed-off-by: Chen Gang <gang.chen@asianux.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 files changed, 6 insertions, 0 deletions

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 0ee9eff866d6..3d15c66b7f0b 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -865,6 +865,12 @@ static inline int audit_add_rule(struct audit_entry *entry)
                 err = audit_add_watch(&entry->rule, &list);
                 if (err) {
                         mutex_unlock(&audit_filter_mutex);
+                        /*
+                         * normally audit_add_tree_rule() will free it
+                         * on failure
+                         */
+                        if (tree)
+                                audit_put_tree(tree);
                         goto error;
                 }
         }