lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHC9VhR0bu-D2yjGkACMNxg34qA4Y75MjVbJpr8FQc=rfLu=pg@mail.gmail.com>
Date:   Sun, 5 Dec 2021 22:12:14 -0500
From:   Paul Moore <paul@...l-moore.com>
To:     Bernard Zhao <bernard@...o.com>
Cc:     Stephen Smalley <stephen.smalley.work@...il.com>,
        Eric Paris <eparis@...isplace.org>, selinux@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] security/selinux: fix potential memleak

On Wed, Dec 1, 2021 at 10:35 PM Bernard Zhao <bernard@...o.com> wrote:
>
> This patch try to fix potential memleak in function
> selinux_fs_context_dup`s error branch.
>
> Signed-off-by: Bernard Zhao <bernard@...o.com>
> ---
>  security/selinux/hooks.c | 22 ++++++++++++++++++----
>  1 file changed, 18 insertions(+), 4 deletions(-)
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 62d30c0a30c2..36d7fc373839 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -2856,24 +2856,38 @@ static int selinux_fs_context_dup(struct fs_context *fc,
>         if (src->fscontext) {
>                 opts->fscontext = kstrdup(src->fscontext, GFP_KERNEL);
>                 if (!opts->fscontext)
> -                       return -ENOMEM;
> +                       goto err_fscontext;
>         }
>         if (src->context) {
>                 opts->context = kstrdup(src->context, GFP_KERNEL);
>                 if (!opts->context)
> -                       return -ENOMEM;
> +                       goto err_context;
>         }
>         if (src->rootcontext) {
>                 opts->rootcontext = kstrdup(src->rootcontext, GFP_KERNEL);
>                 if (!opts->rootcontext)
> -                       return -ENOMEM;
> +                       goto err_rootcontext;
>         }
>         if (src->defcontext) {
>                 opts->defcontext = kstrdup(src->defcontext, GFP_KERNEL);
>                 if (!opts->defcontext)
> -                       return -ENOMEM;
> +                       goto err_defcontext;
>         }
>         return 0;
> +
> +err_defcontext:
> +       if (src->rootcontext)
> +               kfree(opts->rootcontext);
> +err_rootcontext:
> +       if (src->context)
> +               kfree(opts->context);
> +err_context:
> +       if (src->fscontext)
> +               kfree(opts->fscontext);
> +err_fscontext:
> +       kfree(fc->security);
> +
> +       return -ENOMEM;
>  }

Thanks for catching this a providing a patch, however I think the
memory cleanup can be made simpler, see the pseudo code below:

static int selinux_fs_context_dup(...)
{

  fc->security = kzalloc(...);
  if (!fc->security)
    return -ENOMEM;

  opts = fc->security;

  if (src->fscontext) {
    opts->fscontext = kstrdup(...);
    if (!opts->fscontext)
      goto err;
  }

  /* ... */

  return 0;

  err:
    kfree(opts->fscontext);
    kfree(opts->context);
    kfree(opts->rootcontext);
    kfree(opts->defcontext);
    kfree(opts);
    fc->security = NULL;
    return -ENOMEM;
}

--
paul moore
www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ