linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dan Carpenter <dan.carpenter@oracle.com>
To: mjg59@google.com
Cc: linux-security-module@vger.kernel.org
Subject: [bug report] apparmor: Parse secmark policy
Date: Wed, 10 Oct 2018 13:42:28 +0300	[thread overview]
Message-ID: <20181010104228.GA15360@mwanda> (raw)

Hello Matthew Garrett,

The patch 9caafbe2b4cf: "apparmor: Parse secmark policy" from May 24,
2018, leads to the following static checker warning:

	security/apparmor/policy_unpack.c:580 unpack_secmark()
	warn: should '(struct aa_profile)->secmark' be freed with kzfree()'

security/apparmor/policy_unpack.c
   558                  profile->secmark_count = size;
   559  
   560                  for (i = 0; i < size; i++) {
   561                          if (!unpack_u8(e, &profile->secmark[i].audit, NULL))
   562                                  goto fail;
   563                          if (!unpack_u8(e, &profile->secmark[i].deny, NULL))
   564                                  goto fail;
   565                          if (!unpack_strdup(e, &profile->secmark[i].label, NULL))
   566                                  goto fail;
   567                  }
   568                  if (!unpack_nameX(e, AA_ARRAYEND, NULL))
   569                          goto fail;
   570                  if (!unpack_nameX(e, AA_STRUCTEND, NULL))
   571                          goto fail;
   572          }
   573  
   574          return 1;
   575  
   576  fail:
   577          if (profile->secmark) {
   578                  for (i = 0; i < size; i++)
   579                          kfree(profile->secmark[i].label);
                                      ^^^^^^^^^^^^^^^^^^^^^^^^^
   580                  kfree(profile->secmark);
                              ^^^^^^^^^^^^^^^^
Smatch thinks that these need to be zeroed for security.  I don't know
the details though.

   581                  profile->secmark_count = 0;
   582          }
   583  
   584          e->pos = pos;
   585          return 0;
   586  }

regards,
dan carpenter

             reply	other threads:[~2018-10-10 10:42 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-10 10:42 Dan Carpenter [this message]
2018-10-10 16:04 ` [bug report] apparmor: Parse secmark policy Matthew Garrett

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181010104228.GA15360@mwanda \
    --to=dan.carpenter@oracle.com \
    --cc=linux-security-module@vger.kernel.org \
    --cc=mjg59@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).