From 03298a22f7dc6f45885307976d09c9a2f070f9fd Mon Sep 17 00:00:00 2001 From: Nicolas Iooss Date: Tue, 28 Mar 2017 23:41:52 +0200 Subject: [PATCH] libsemanage: genhomedircon: fix possible double-free When write_contexts() frees variables context and new_context_str after a line has been successfully emitted, these variables are not reset to NULL. This leads the function to free them again if an error occurs when processing the next line. Fix this by always resetting these variables at the beginning of the loop. This issue has been found using clang's static analyzer. Signed-off-by: Nicolas Iooss --- libsemanage/src/genhomedircon.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 465dd882..e8c95ee4 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -607,10 +607,12 @@ static int write_contexts(genhomedircon_settings_t *s, FILE *out, const genhomedircon_user_entry_t *user) { char *line, *temp; - sepol_context_t *context = NULL; - char *new_context_str = NULL; + sepol_context_t *context; + char *new_context_str; for (; tpl; tpl = tpl->next) { + context = NULL; + new_context_str = NULL; line = replace_all(tpl->data, repl); if (!line) { goto fail;