RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2024-12-18 04:04:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

checkpolicy: fix memory leaks in define_filename_trans()

Browse Source 
When parsing type_transition statements with names, the memory allocated
by the type set bitmaps of variable stypes and ttypes was never freed.

Call type_set_destroy() to free this memory and, while at it, make the
function exits without leaking memory when exiting with an error.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
This commit is contained in:
Nicolas Iooss 2017-01-21 15:26:11 +01:00 committed by James Carter
parent aa1a8a3c84
commit 0a0d055283
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
checkpolicy/policy_define.c
View File

@ -3256,22 +3256,24 @@ int define_filename_trans(void)
return 0;
}
type_set_init(&stypes);
type_set_init(&ttypes);
ebitmap_init(&e_stypes);
ebitmap_init(&e_ttypes);
ebitmap_init(&e_tclasses);
add = 1;
type_set_init(&stypes);
while ((id = queue_remove(id_queue))) {
if (set_types(&stypes, id, &add, 0))
goto bad;
}
add =1;
type_set_init(&ttypes);
while ((id = queue_remove(id_queue))) {
if (set_types(&ttypes, id, &add, 0))
goto bad;
}
ebitmap_init(&e_tclasses);
if (read_classes(&e_tclasses))
goto bad;
@ -3288,6 +3290,7 @@ int define_filename_trans(void)
typdatum = hashtab_search(policydbp->p_types.table, id);
if (!typdatum) {
yyerror2("unknown type %s used in transition definition", id);
free(id);
goto bad;
}
free(id);
@ -3302,11 +3305,9 @@ int define_filename_trans(void)
/* We expand the class set into seperate rules. We expand the types
* just to make sure there are not duplicates. They will get turned
* into seperate rules later */
ebitmap_init(&e_stypes);
if (type_set_expand(&stypes, &e_stypes, policydbp, 1))
goto bad;
ebitmap_init(&e_ttypes);
if (type_set_expand(&ttypes, &e_ttypes, policydbp, 1))
goto bad;
@ -3386,11 +3387,18 @@ int define_filename_trans(void)
ebitmap_destroy(&e_stypes);
ebitmap_destroy(&e_ttypes);
ebitmap_destroy(&e_tclasses);
type_set_destroy(&stypes);
type_set_destroy(&ttypes);
return 0;
bad:
free(name);
ebitmap_destroy(&e_stypes);
ebitmap_destroy(&e_ttypes);
ebitmap_destroy(&e_tclasses);
type_set_destroy(&stypes);
type_set_destroy(&ttypes);
return -1;
}