Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
Net/Security: fix memory leaks from security_secid_to_secctx()
The security_secid_to_secctx() function returns memory that must be freed
by a call to security_release_secctx() which was not always happening. This
patch fixes two of these problems (all that I could find in the kernel source
at present).
Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
authored by
Paul Moore
and committed by
James Morris
e6e0871c
088999e9
+3
-1
net/netlabel/netlabel_user.c
+3
-1
net/netlabel/netlabel_user.c
···
113
113
if (audit_info->secid != 0 &&
114
114
security_secid_to_secctx(audit_info->secid,
115
115
&secctx,
116
-
&secctx_len) == 0)
116
+
&secctx_len) == 0) {
117
117
audit_log_format(audit_buf, " subj=%s", secctx);
118
+
security_release_secctx(secctx, secctx_len);
119
+
}
118
120
119
121
return audit_buf;
120
122
}
+3
-2
net/xfrm/xfrm_policy.c
+3
-2
net/xfrm/xfrm_policy.c
···
2195
2195
}
2196
2196
2197
2197
if (sid != 0 &&
2198
-
security_secid_to_secctx(sid, &secctx, &secctx_len) == 0)
2198
+
security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) {
2199
2199
audit_log_format(audit_buf, " subj=%s", secctx);
2200
-
else
2200
+
security_release_secctx(secctx, secctx_len);
2201
+
} else
2201
2202
audit_log_task_context(audit_buf);
2202
2203
2203
2204
if (xp) {