| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 Mar 2016 17:35:24 -0400 From: Paul Moore <paul@...l-moore.com> To: Colin King <colin.king@...onical.com>, "Serge E. Hallyn" <serge@...lyn.com> Cc: Stephen Smalley <sds@...ho.nsa.gov>, Eric Paris <eparis@...isplace.org>, James Morris <james.l.morris@...cle.com>, Nick Kralevich <nnk@...gle.com>, Jeff Vander Stoep <jeffv@...gle.com>, selinux@...ho.nsa.gov, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] selinux: fix memory leak on node_ptr on error return path On Tue, Mar 22, 2016 at 4:28 PM, Serge E. Hallyn <serge@...lyn.com> wrote: > Quoting Colin King (colin.king@...onical.com): >> From: Colin Ian King <colin.king@...onical.com> >> >> node_ptr is not being free'd if the list allocation fails, fix >> this by kfree'ing it before exiting on the error path. >> >> Signed-off-by: Colin Ian King <colin.king@...onical.com> > > Hi, > > I'm not very familiar with this code any more, but are you sure > this is needed and doesn't cause a new bug? It *looks* like > the avtab_insert_nonunique() actually inserts the node_ptr > into the policydb, and the policydb is the one that should > eventually free it. Exactly. cond_insertf() calls avtab_insert_nonunique() which calls avtab_insert_node() which adds the node to the avtab. The avtab will get cleaned up later by the error handling code in the cond_insertf() call chain. -- paul moore www.paul-moore.com
Powered by blists - more mailing lists