RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-03-11 04:37:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
c8ac3af7b5
selinux/libsepol
History
Nicolas Iooss c8ac3af7b5 libsepol: reset *p to NULL if sepol_module_package_create fails 
semodule-utils/semodule_link/semodule_link.c contains:

    static sepol_module_package_t *load_module(char *filename)
    {
        /* ... */
        if (sepol_module_package_create(&p)) {
            /* ... */
            goto bad;

    /* ... */
    bad:
        sepol_module_package_free(p);

When sepol_module_package_create() fails while having successfully
allocated p, it currently frees p without setting it back to NULL. This
causes a use-after-free in load_module().

Prevent this use-after-free by setting sepol_module_package_create's
argument back to NULL when an error happens.

This issue has been found using Infer static analyzer.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-09-17 10:38:41 -04:00
..
cil libsepol: Remove cil_mem_error_handler() function pointer 2019-09-17 10:38:20 -04:00
include Add default_range glblub support 2019-09-10 12:30:29 -04:00
man selinux: Update manpages after removing legacy boolean and user code 2019-07-29 23:46:47 +02:00
src libsepol: reset *p to NULL if sepol_module_package_create fails 2019-09-17 10:38:41 -04:00
tests libsepol: add ebitmap_for_each_set_bit macro 2019-05-20 14:00:32 -04:00
utils libsepol: build: follow standard semantics for DESTDIR and PREFIX 2018-02-14 15:59:36 +01:00
.gitignore libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
COPYING initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
VERSION Update VERSIONs to 2.9 for release. 2019-03-15 11:32:30 +01:00