mirror of
https://github.com/topjohnwu/selinux.git
synced 2024-11-28 05:50:30 +00:00
checkpolicy: free id in define_port_context()
Variable id is almost never freed in define_port_context(). This leak has been detected with gcc Address Sanitizer. Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
This commit is contained in:
parent
c39289c9b7
commit
da00246827
@ -4899,8 +4899,7 @@ int define_port_context(unsigned int low, unsigned int high)
|
||||
protocol = IPPROTO_DCCP;
|
||||
} else {
|
||||
yyerror2("unrecognized protocol %s", id);
|
||||
free(newc);
|
||||
return -1;
|
||||
goto bad;
|
||||
}
|
||||
|
||||
newc->u.port.protocol = protocol;
|
||||
@ -4909,13 +4908,11 @@ int define_port_context(unsigned int low, unsigned int high)
|
||||
|
||||
if (low > high) {
|
||||
yyerror2("low port %d exceeds high port %d", low, high);
|
||||
free(newc);
|
||||
return -1;
|
||||
goto bad;
|
||||
}
|
||||
|
||||
if (parse_security_context(&newc->context[0])) {
|
||||
free(newc);
|
||||
return -1;
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* Preserve the matching order specified in the configuration. */
|
||||
@ -4945,9 +4942,11 @@ int define_port_context(unsigned int low, unsigned int high)
|
||||
else
|
||||
policydbp->ocontexts[OCON_PORT] = newc;
|
||||
|
||||
free(id);
|
||||
return 0;
|
||||
|
||||
bad:
|
||||
free(id);
|
||||
free(newc);
|
||||
return -1;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user