All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] libsepol: free ibendport device names
@ 2017-10-23  8:52 Jan Zarsky
  2017-10-23 14:44 ` Stephen Smalley
  0 siblings, 1 reply; 2+ messages in thread
From: Jan Zarsky @ 2017-10-23  8:52 UTC (permalink / raw)
  To: selinux

When reading policy, ibendport device names are allocated in
ocontext_read_selinux() but they are not freed when calling
sepol_policydb_free();

Fix this by freeing them in ocontext_selinux_free().

Signed-off-by: Jan Zarsky <jzarsky@redhat.com>
---
 libsepol/src/policydb.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
index 37788f36..c7521235 100644
--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -1420,6 +1420,8 @@ void ocontext_selinux_free(ocontext_t **ocontexts)
 			if (i == OCON_ISID || i == OCON_FS || i == OCON_NETIF
 				|| i == OCON_FSUSE)
 				free(ctmp->u.name);
+			else if (i == OCON_IBENDPORT)
+				free(ctmp->u.ibendport.dev_name);
 			free(ctmp);
 		}
 	}
-- 
2.14.2

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] libsepol: free ibendport device names
  2017-10-23  8:52 [PATCH] libsepol: free ibendport device names Jan Zarsky
@ 2017-10-23 14:44 ` Stephen Smalley
  0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2017-10-23 14:44 UTC (permalink / raw)
  To: Jan Zarsky, selinux

On Mon, 2017-10-23 at 10:52 +0200, Jan Zarsky wrote:
> When reading policy, ibendport device names are allocated in
> ocontext_read_selinux() but they are not freed when calling
> sepol_policydb_free();
> 
> Fix this by freeing them in ocontext_selinux_free().
> 
> Signed-off-by: Jan Zarsky <jzarsky@redhat.com>

Thanks, this looks correct to me; I'm wondering if we have the same
leak in the kernel code (I think so).

> ---
>  libsepol/src/policydb.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
> index 37788f36..c7521235 100644
> --- a/libsepol/src/policydb.c
> +++ b/libsepol/src/policydb.c
> @@ -1420,6 +1420,8 @@ void ocontext_selinux_free(ocontext_t
> **ocontexts)
>  			if (i == OCON_ISID || i == OCON_FS || i ==
> OCON_NETIF
>  				|| i == OCON_FSUSE)
>  				free(ctmp->u.name);
> +			else if (i == OCON_IBENDPORT)
> +				free(ctmp->u.ibendport.dev_name);
>  			free(ctmp);
>  		}
>  	}

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-10-23 14:44 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-10-23  8:52 [PATCH] libsepol: free ibendport device names Jan Zarsky
2017-10-23 14:44 ` Stephen Smalley

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.