RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

checkpolicy: Free allocated memory when clean up / exit. 

Number of error paths and failures do not clean up memory.  Try to make
it better.

Signed-off-by: Eric Paris <eparis@redhat.com>
This commit is contained in:
Alice Chu 2013-01-08 18:20:34 -06:00 committed by Eric Paris
parent 0a5dc30456
commit ab995a59b2
1 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
checkpolicy/policy_define.c
View File

@ -1529,12 +1529,12 @@ int define_compute_type_helper(int which, avrule_t ** rule)
while ((id = queue_remove(id_queue))) { while ((id = queue_remove(id_queue))) {
if (set_types(&avrule->stypes, id, &add, 0)) if (set_types(&avrule->stypes, id, &add, 0))
return -1; goto bad;
} }
add = 1; add = 1;
while ((id = queue_remove(id_queue))) { while ((id = queue_remove(id_queue))) {
if (set_types(&avrule->ttypes, id, &add, 0)) if (set_types(&avrule->ttypes, id, &add, 0))
return -1; goto bad;
} }
ebitmap_init(&tclasses); ebitmap_init(&tclasses);
@ -1563,7 +1563,7 @@ int define_compute_type_helper(int which, avrule_t ** rule)
perm = malloc(sizeof(class_perm_node_t)); perm = malloc(sizeof(class_perm_node_t));
if (!perm) { if (!perm) {
yyerror("out of memory"); yyerror("out of memory");
return -1; goto bad;
} }
class_perm_node_init(perm); class_perm_node_init(perm);
perm->class = i + 1; perm->class = i + 1;
@ -2082,10 +2082,12 @@ role_datum_t *merge_roles_dom(role_datum_t * r1, role_datum_t * r2)
new->s.value = 0; /* temporary role */ new->s.value = 0; /* temporary role */
if (ebitmap_or(&new->dominates, &r1->dominates, &r2->dominates)) { if (ebitmap_or(&new->dominates, &r1->dominates, &r2->dominates)) {
yyerror("out of memory"); yyerror("out of memory");
free(new);
return NULL; return NULL;
} }
if (ebitmap_or(&new->types.types, &r1->types.types, &r2->types.types)) { if (ebitmap_or(&new->types.types, &r1->types.types, &r2->types.types)) {
yyerror("out of memory"); yyerror("out of memory");
free(new);
return NULL; return NULL;
} }
if (!r1->s.value) { if (!r1->s.value) {
@ -2490,13 +2492,17 @@ int define_role_allow(void)
role_allow_rule_init(ra); role_allow_rule_init(ra);
while ((id = queue_remove(id_queue))) { while ((id = queue_remove(id_queue))) {
if (set_roles(&ra->roles, id)) if (set_roles(&ra->roles, id)) {
free(ra);
return -1; return -1;
}
} }
while ((id = queue_remove(id_queue))) { while ((id = queue_remove(id_queue))) {
if (set_roles(&ra->new_roles, id)) if (set_roles(&ra->new_roles, id)) {
free(ra);
return -1; return -1;
}
} }
append_role_allow(ra); append_role_allow(ra);
@ -2798,6 +2804,7 @@ int define_constraint(constraint_expr_t * expr)
node = malloc(sizeof(struct constraint_node)); node = malloc(sizeof(struct constraint_node));
if (!node) { if (!node) {
yyerror("out of memory"); yyerror("out of memory");
free(node);
return -1; return -1;
} }
memset(node, 0, sizeof(constraint_node_t)); memset(node, 0, sizeof(constraint_node_t));
@ -3614,6 +3621,12 @@ static int parse_security_context(context_struct_t * c)
return 0; return 0;
} }
/* check context c to make sure ok to dereference c later */
if (c == NULL) {
yyerror("null context pointer!");
return -1;
}
context_init(c); context_init(c);
/* extract the user */ /* extract the user */
@ -4708,6 +4721,7 @@ int define_range_trans(int class_specified)
out: out:
range_trans_rule_destroy(rule); range_trans_rule_destroy(rule);
free(rule);
return -1; return -1;
} }