diff options
author | Eric Paris <eparis@redhat.com> | 2008-09-03 11:49:47 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-09-04 08:35:13 +1000 |
commit | 8e531af90f3940615623dc0aa6c94866a6773601 (patch) | |
tree | d618b12f26648de917cbec53677c734362e6bfc2 /security/selinux/ss | |
parent | ec0c15afb41fd9ad45b53468b60db50170e22346 (diff) | |
download | lwn-8e531af90f3940615623dc0aa6c94866a6773601.tar.gz lwn-8e531af90f3940615623dc0aa6c94866a6773601.zip |
SELinux: memory leak in security_context_to_sid_core
Fix a bug and a philosophical decision about who handles errors.
security_context_to_sid_core() was leaking a context in the common case.
This was causing problems on fedora systems which recently have started
making extensive use of this function.
In discussion it was decided that if string_to_context_struct() had an
error it was its own responsibility to clean up any mess it created
along the way.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/ss')
-rw-r--r-- | security/selinux/ss/services.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index b52f923ce680..d11a8154500f 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -811,11 +811,12 @@ static int string_to_context_struct(struct policydb *pol, /* Check the validity of the new context. */ if (!policydb_context_isvalid(pol, ctx)) { rc = -EINVAL; - context_destroy(ctx); goto out; } rc = 0; out: + if (rc) + context_destroy(ctx); return rc; } @@ -868,8 +869,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, } else if (rc) goto out; rc = sidtab_context_to_sid(&sidtab, &context, sid); - if (rc) - context_destroy(&context); + context_destroy(&context); out: read_unlock(&policy_rwlock); kfree(scontext2); |