diff options
author | Paul Moore <paul.moore@hp.com> | 2007-08-01 11:12:59 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2007-08-02 11:52:26 -0400 |
commit | e6e0871cce2ae04f5790543ad2f4ec36b23260ba (patch) | |
tree | 0af9d48482dbdb8b949fb673eb5bf48fd5611cc5 /net | |
parent | 088999e98b8caecd31adc3b62223a228555c5ab7 (diff) |
Net/Security: fix memory leaks from security_secid_to_secctx()
The security_secid_to_secctx() function returns memory that must be freed
by a call to security_release_secctx() which was not always happening. This
patch fixes two of these problems (all that I could find in the kernel source
at present).
Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/netlabel/netlabel_user.c | 4 | ||||
-rw-r--r-- | net/xfrm/xfrm_policy.c | 5 |
2 files changed, 6 insertions, 3 deletions
diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 89dcc485653b..85a96a3fddaa 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c | |||
@@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type, | |||
113 | if (audit_info->secid != 0 && | 113 | if (audit_info->secid != 0 && |
114 | security_secid_to_secctx(audit_info->secid, | 114 | security_secid_to_secctx(audit_info->secid, |
115 | &secctx, | 115 | &secctx, |
116 | &secctx_len) == 0) | 116 | &secctx_len) == 0) { |
117 | audit_log_format(audit_buf, " subj=%s", secctx); | 117 | audit_log_format(audit_buf, " subj=%s", secctx); |
118 | security_release_secctx(secctx, secctx_len); | ||
119 | } | ||
118 | 120 | ||
119 | return audit_buf; | 121 | return audit_buf; |
120 | } | 122 | } |
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 95a47304336d..e5a3be03aa0d 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c | |||
@@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int result, | |||
2195 | } | 2195 | } |
2196 | 2196 | ||
2197 | if (sid != 0 && | 2197 | if (sid != 0 && |
2198 | security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) | 2198 | security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) { |
2199 | audit_log_format(audit_buf, " subj=%s", secctx); | 2199 | audit_log_format(audit_buf, " subj=%s", secctx); |
2200 | else | 2200 | security_release_secctx(secctx, secctx_len); |
2201 | } else | ||
2201 | audit_log_task_context(audit_buf); | 2202 | audit_log_task_context(audit_buf); |
2202 | 2203 | ||
2203 | if (xp) { | 2204 | if (xp) { |