Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e6e0871c authored Aug 01, 2007 by Paul Moore Committed by James Morris Aug 02, 2007

Net/Security: fix memory leaks from security_secid_to_secctx()



The security_secid_to_secctx() function returns memory that must be freed
by a call to security_release_secctx() which was not always happening.  This
patch fixes two of these problems (all that I could find in the kernel source
at present).

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>

parent 088999e9

net/netlabel/netlabel_user.c

+3 −1

Original line number	Original line	Diff line number	Diff line
	@@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type,
	if (audit_info->secid != 0 &&		if (audit_info->secid != 0 &&
	security_secid_to_secctx(audit_info->secid,		security_secid_to_secctx(audit_info->secid,
	&secctx,		&secctx,
	&secctx_len) == 0)		&secctx_len) == 0) {
	audit_log_format(audit_buf, " subj=%s", secctx);		audit_log_format(audit_buf, " subj=%s", secctx);
			security_release_secctx(secctx, secctx_len);
			}

	return audit_buf;		return audit_buf;
	}		}

net/xfrm/xfrm_policy.c

+3 −2

Original line number	Original line	Diff line number	Diff line
	@@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int result,
	}		}

	if (sid != 0 &&		if (sid != 0 &&
	security_secid_to_secctx(sid, &secctx, &secctx_len) == 0)		security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) {
	audit_log_format(audit_buf, " subj=%s", secctx);		audit_log_format(audit_buf, " subj=%s", secctx);
	else		security_release_secctx(secctx, secctx_len);
			} else
	audit_log_task_context(audit_buf);		audit_log_task_context(audit_buf);

	if (xp) {		if (xp) {