* Re: Coverity: filename_trans_read_one(): Resource leaks
[not found] <202004130917.435ED43FDB@keescook>
@ 2020-04-13 17:48 ` Ondrej Mosnacek
From: Ondrej Mosnacek @ 2020-04-13 17:48 UTC (permalink / raw)
To: coverity-bot
Cc: Stephen Smalley, Paul Moore, Gustavo A. R. Silva, linux-next,
SElinux list

On Mon, Apr 13, 2020 at 6:18 PM coverity-bot <keescook@chromium.org> wrote:
> Hello!
>
> This is an experimental automated report about issues detected by Coverity
> from a scan of next-20200413 as part of the linux-next weekly scan project:
> https://scan.coverity.com/projects/linux-next-weekly-scan
>
> You're getting this email because you were associated with the identified
> lines of code (noted below) that were touched by commits:
>
> Tue Feb 18 12:27:34 2020 +0100
> c3a276111ea2 ("selinux: optimize storage of filename transitions")
>
> Coverity reported the following:
>
> *** CID 1461665: Resource leaks (RESOURCE_LEAK)
> /security/selinux/ss/policydb.c: 1862 in filename_trans_read_one()
> 1856 return rc;
> 1857 len = le32_to_cpu(buf[0]);
> 1858
> 1859 /* path component string */
> 1860 rc = str_read(&name, GFP_KERNEL, fp, len);
> 1861 if (rc)
> vvv CID 1461665: Resource leaks (RESOURCE_LEAK)
> vvv Variable "name" going out of scope leaks the storage it points to.
> 1862 return rc;
> 1863
> 1864 rc = next_entry(buf, fp, sizeof(u32) * 4);
> 1865 if (rc)
> 1866 goto out;
> 1867

Right, I missed the fact that str_read() may give us back an allocated
pointer even if it returns an error. I'll send a fix probably
tomorrow. And I plan to have a look at refactoring the function so it
cleans up upon error on its own (+ updating the caller accordingly).
Its current interface just begs for trouble...

Thank you for running the bot, Kees! It's cool :)

>
> If this is a false positive, please let us know so we can mark it as
> such, or teach the Coverity rules to be smarter. If not, please make
> sure fixes get into linux-next. :) For patches fixing this, please
> include these lines (but double-check the "Fixes" first):
>
> Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> Addresses-Coverity-ID: 1461665 ("Resource leaks")
> Fixes: c3a276111ea2 ("selinux: optimize storage of filename transitions")
>
> Thanks for your attention!
>
> --
> Coverity-bot
>
--
Ondrej Mosnacek <omosnace at redhat dot com>
Software Engineer, Security Technologies
Red Hat, Inc.
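
The leak pattern discussed in this message, as an added example that is not part of the original mail and is not kernel code: a user-space model of a reader that hands back an allocated pointer even when it fails, next to the caller-side fix and the callee-side cleanup the reply plans. All names (`str_read_model`, `read_bytes`, `leaked_after_read`, the `live` counter) and the sample input are assumptions made for the illustration.

```c
/* Added example: user-space model, not kernel code; every name is hypothetical. */
#include <errno.h>
#include <stdlib.h>
#include <string.h>

static int live;  /* allocations made through xalloc() and not yet xfree()d */
static void *xalloc(size_t n) { void *p = malloc(n); if (p) live++; return p; }
static void xfree(void *p) { if (p) { live--; free(p); } }

struct src { const char *data; size_t len, pos; };  /* stands in for the policy file */

/* Models next_entry(): copy n bytes, or fail on truncated input. */
static int read_bytes(void *dst, struct src *s, size_t n)
{
	if (n > s->len - s->pos)
		return -EINVAL;
	memcpy(dst, s->data + s->pos, n);
	s->pos += n;
	return 0;
}

/* callee_cleans=0: *strp stays set when the read fails; 1: freed and reset on error. */
static int str_read_model(char **strp, struct src *s, size_t len, int callee_cleans)
{
	char *str = xalloc(len + 1);
	int rc;

	if (!str) return -ENOMEM;
	*strp = str;  /* published before the read that can fail */
	rc = read_bytes(str, s, len);
	if (!rc)
		str[len] = '\0';
	else if (callee_cleans) { xfree(str); *strp = NULL; }
	return rc;
}

/* Caller shaped like the flagged lines: a plain return unless caller_frees is set.
 * Returns how many allocations were left behind. */
int leaked_after_read(size_t len, int callee_cleans, int caller_frees)
{
	struct src s = { "file_t", 6, 0 };  /* constructed input: only 6 bytes available */
	char *name = NULL;
	int rc;

	live = 0;
	rc = str_read_model(&name, &s, len, callee_cleans);
	if (!rc || caller_frees)
		xfree(name);  /* success path, or the caller-side fix (NULL is a no-op) */
	if (live) free(name);  /* raw free(): housekeeping only, leak count is kept */
	return live;
}
```

Asking for 64 bytes from the 6-byte input makes the read fail after the buffer has been allocated, which is the path Coverity flagged; either fix alone brings the count back to zero.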