RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-01-04 20:49:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

policycoreutils: newrole: do not free pw strings twice

Browse Source 
In main(), if "extract_pw_data(&pw)" returns a failed value, it has
already freed pw.pw_name, pw.pw_dir and pw.pw_shell. These fields are
freed a second time in main's err_free label, which is incorrect. Work
around this by setting them to NULL after they are freed.

This issue has been found using clang's static analyzer.

While at it, make extract_pw_data() static.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
This commit is contained in:
Nicolas Iooss 2017-04-11 23:46:02 +02:00 committed by Stephen Smalley
parent bb3f428c08
commit bfe40222e2
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
policycoreutils/newrole/newrole.c
View File

@ -412,7 +412,7 @@ static int verify_shell(const char *shell_name)
* This function assigns malloc'd memory into the pw_copy struct.
* Returns zero on success, non-zero otherwise
*/
int extract_pw_data(struct passwd *pw_copy)
static int extract_pw_data(struct passwd *pw_copy)
{
uid_t uid;
struct passwd *pw;
@ -456,6 +456,9 @@ int extract_pw_data(struct passwd *pw_copy)
free(pw->pw_name);
free(pw->pw_dir);
free(pw->pw_shell);
pw->pw_name = NULL;
pw->pw_dir = NULL;
pw->pw_shell = NULL;
return -1;
}