diff options
| author | Namhyung Kim <[email protected]> | 2014-06-14 16:19:02 +0000 |
|---|---|---|
| committer | Paul Moore <[email protected]> | 2014-06-19 18:56:59 +0000 |
| commit | 6e51f9cbfa04a92b40e7f9c1e76c8ecbff534a22 (patch) | |
| tree | 1fb97b53d5b40ceb9df33f43743ca232332d794f | |
| parent | selinux: simple cleanup for cond_read_node() (diff) | |
| download | kernel-6e51f9cbfa04a92b40e7f9c1e76c8ecbff534a22.tar.gz kernel-6e51f9cbfa04a92b40e7f9c1e76c8ecbff534a22.zip | |
selinux: fix a possible memory leak in cond_read_node()
The cond_read_node() should free the given node on error path as it's
not linked to p->cond_list yet. This is done via cond_node_destroy()
but it's not called when next_entry() fails before the expr loop.
Signed-off-by: Namhyung Kim <[email protected]>
Signed-off-by: Paul Moore <[email protected]>
| -rw-r--r-- | security/selinux/ss/conditional.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index f09cc7268b65..62c6773be0b7 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c @@ -404,7 +404,7 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp) rc = next_entry(buf, fp, sizeof(u32) * 2); if (rc) - return rc; + goto err; node->cur_state = le32_to_cpu(buf[0]); |