lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20211202033447.253596-1-bernard@vivo.com>
Date:   Wed,  1 Dec 2021 19:34:46 -0800
From:   Bernard Zhao <bernard@...o.com>
To:     Paul Moore <paul@...l-moore.com>,
        Stephen Smalley <stephen.smalley.work@...il.com>,
        Eric Paris <eparis@...isplace.org>, selinux@...r.kernel.org,
        linux-kernel@...r.kernel.org
Cc:     Bernard Zhao <bernard@...o.com>
Subject: [PATCH] security/selinux: fix potential memleak

This patch try to fix potential memleak in function
selinux_fs_context_dup`s error branch.

Signed-off-by: Bernard Zhao <bernard@...o.com>
---
 security/selinux/hooks.c | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 62d30c0a30c2..36d7fc373839 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2856,24 +2856,38 @@ static int selinux_fs_context_dup(struct fs_context *fc,
 	if (src->fscontext) {
 		opts->fscontext = kstrdup(src->fscontext, GFP_KERNEL);
 		if (!opts->fscontext)
-			return -ENOMEM;
+			goto err_fscontext;
 	}
 	if (src->context) {
 		opts->context = kstrdup(src->context, GFP_KERNEL);
 		if (!opts->context)
-			return -ENOMEM;
+			goto err_context;
 	}
 	if (src->rootcontext) {
 		opts->rootcontext = kstrdup(src->rootcontext, GFP_KERNEL);
 		if (!opts->rootcontext)
-			return -ENOMEM;
+			goto err_rootcontext;
 	}
 	if (src->defcontext) {
 		opts->defcontext = kstrdup(src->defcontext, GFP_KERNEL);
 		if (!opts->defcontext)
-			return -ENOMEM;
+			goto err_defcontext;
 	}
 	return 0;
+
+err_defcontext:
+	if (src->rootcontext)
+		kfree(opts->rootcontext);
+err_rootcontext:
+	if (src->context)
+		kfree(opts->context);
+err_context:
+	if (src->fscontext)
+		kfree(opts->fscontext);
+err_fscontext:
+	kfree(fc->security);
+
+	return -ENOMEM;
 }
 
 static const struct fs_parameter_spec selinux_fs_parameters[] = {
-- 
2.33.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ