libsepol: do not free attr_name twice

When set_to_names() fails to allocate *names, it frees variable attr_name even though it either came from attr_list or was newly created and added to attr_list. By doing so, the name is freed a second time when attr_list is destroyed (with "attr_list_destroy(&attr_list)"). Avoid this double free by not freeing attr_name when it belongs to attr_list. This issue has been found using clang's static analyzer. Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2025-02-12 23:08:51 +00:00 · 2017-04-10 21:11:47 +02:00 · 2017-04-10 21:11:47 +02:00 · 8ccd0db860
commit 8ccd0db860
parent 3e7fd1daba
1 changed files with 0 additions and 1 deletions
--- a/libsepol/src/module_to_cil.c
+++ b/libsepol/src/module_to_cil.c
@ -962,7 +962,6 @@ static int set_to_names(struct policydb *pdb, int is_type, void *set, struct lis
 	*names = malloc(sizeof(char *));
 	if (!*names) {
 		log_err("Out of memory");
-		free(attr_name);
 		rc = -1;
 		goto exit;
 	}