From: Eric Paris Date: Wed, 3 Sep 2008 15:49:47 +0000 (-0400) Subject: SELinux: memory leak in security_context_to_sid_core X-Git-Tag: v2.6.27-rc6~45^2 X-Git-Url: http://pilppa.com/gitweb/?a=commitdiff_plain;h=8e531af90f3940615623dc0aa6c94866a6773601;p=linux-2.6-omap-h63xx.git SELinux: memory leak in security_context_to_sid_core Fix a bug and a philosophical decision about who handles errors. security_context_to_sid_core() was leaking a context in the common case. This was causing problems on fedora systems which recently have started making extensive use of this function. In discussion it was decided that if string_to_context_struct() had an error it was its own responsibility to clean up any mess it created along the way. Signed-off-by: Eric Paris Acked-by: Stephen Smalley Signed-off-by: James Morris --- diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index b52f923ce68..d11a8154500 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -811,11 +811,12 @@ static int string_to_context_struct(struct policydb *pol, /* Check the validity of the new context. */ if (!policydb_context_isvalid(pol, ctx)) { rc = -EINVAL; - context_destroy(ctx); goto out; } rc = 0; out: + if (rc) + context_destroy(ctx); return rc; } @@ -868,8 +869,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, } else if (rc) goto out; rc = sidtab_context_to_sid(&sidtab, &context, sid); - if (rc) - context_destroy(&context); + context_destroy(&context); out: read_unlock(&policy_rwlock); kfree(scontext2);