RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

libsemanage: use after free in python bindings 

In python 3.2 we hit a problem where the fconext was garbage.  We didn't
see this in python 2.7.  The reason is because python3.2 would free and
reuse the memory and python 2.7 just happened to leave it alone.
Instead of using memory that python might use for something else, use
strdup() to get a local copy which we can free when we are finished with
it.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
This commit is contained in:
Sven Vermeulen 2012-05-29 11:12:11 -04:00 committed by Eric Paris
parent 4120df1c6e
commit c4f415c244
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
libsemanage/src/fcontext_record.c
View File

@ -25,7 +25,7 @@ struct semanage_fcontext {
struct semanage_fcontext_key {
/* Matching expression */
const char *expr;
char *expr;
/* Type of object */
int type;
@ -45,7 +45,11 @@ int semanage_fcontext_key_create(semanage_handle_t * handle,
"create file context key");
return STATUS_ERR;
}
tmp_key->expr = expr;
tmp_key->expr = strdup(expr);
if (!tmp_key->expr) {
ERR(handle, "out of memory, could not create file context key.");
return STATUS_ERR;
}
tmp_key->type = type;
*key_ptr = tmp_key;
@ -74,6 +78,7 @@ hidden_def(semanage_fcontext_key_extract)
void semanage_fcontext_key_free(semanage_fcontext_key_t * key)
{
free(key->expr);
free(key);
}