| Message ID | 20210907134048.282918-1-plautrba@redhat.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | libsepol: Fix detected RESOURCE_LEAKs | expand |
On Tue, Sep 7, 2021 at 9:44 AM Petr Lautrbach <plautrba@redhat.com> wrote: > > Fixes: > Error: RESOURCE_LEAK (CWE-772): [#def5] > libsepol/src/kernel_to_cil.c:2380: alloc_arg: "strs_init" allocates memory that is stored into "strs". > libsepol/src/kernel_to_cil.c:2386: noescape: Resource "strs" is not freed or pointed-to in "strs_add". > libsepol/src/kernel_to_cil.c:2386: noescape: Resource "strs" is not freed or pointed-to in "strs_add". > libsepol/src/kernel_to_cil.c:2386: noescape: Resource "strs" is not freed or pointed-to in "strs_add". > libsepol/src/kernel_to_cil.c:2507: leaked_storage: Variable "strs" going out of scope leaks the storage it points to. > > libsepol/src/kernel_to_conf.c:2315: alloc_arg: "strs_init" allocates memory that is stored into "strs". > libsepol/src/kernel_to_conf.c:2321: noescape: Resource "strs" is not freed or pointed-to in "strs_add". > libsepol/src/kernel_to_conf.c:2321: noescape: Resource "strs" is not freed or pointed-to in "strs_add". > libsepol/src/kernel_to_conf.c:2321: noescape: Resource "strs" is not freed or pointed-to in "strs_add". > libsepol/src/kernel_to_conf.c:2385: leaked_storage: Variable "strs" going out of scope leaks the storage it points to. > > Signed-off-by: Petr Lautrbach <plautrba@redhat.com> Acked-by: James Carter <jwcart2@gmail.com> > --- > libsepol/src/kernel_to_cil.c | 5 +++-- > libsepol/src/kernel_to_conf.c | 5 +++-- > 2 files changed, 6 insertions(+), 4 deletions(-) > > diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c > index 81427e65f9a1..305567a5ef1e 100644 > --- a/libsepol/src/kernel_to_cil.c > +++ b/libsepol/src/kernel_to_cil.c > @@ -2497,9 +2497,10 @@ static int write_user_decl_rules_to_cil(FILE *out, struct policydb *pdb) > sepol_printf(out, ")\n"); > } > > - strs_destroy(&strs); > - > exit: > + if (strs) > + strs_destroy(&strs); > + > if (rc != 0) { > sepol_log_err("Error writing user declarations to CIL\n"); > } > diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c > index 179f0ad1a5d1..eb72e4ac983e 100644 > --- a/libsepol/src/kernel_to_conf.c > +++ b/libsepol/src/kernel_to_conf.c > @@ -2375,9 +2375,10 @@ static int write_user_decl_rules_to_conf(FILE *out, struct policydb *pdb) > sepol_printf(out, ";\n"); > } > > - strs_destroy(&strs); > - > exit: > + if (strs) > + strs_destroy(&strs); > + > if (rc != 0) { > sepol_log_err("Error writing user declarations to policy.conf\n"); > } > -- > 2.32.0 >
diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index 81427e65f9a1..305567a5ef1e 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -2497,9 +2497,10 @@ static int write_user_decl_rules_to_cil(FILE *out, struct policydb *pdb) sepol_printf(out, ")\n"); } - strs_destroy(&strs); - exit: + if (strs) + strs_destroy(&strs); + if (rc != 0) { sepol_log_err("Error writing user declarations to CIL\n"); } diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c index 179f0ad1a5d1..eb72e4ac983e 100644 --- a/libsepol/src/kernel_to_conf.c +++ b/libsepol/src/kernel_to_conf.c @@ -2375,9 +2375,10 @@ static int write_user_decl_rules_to_conf(FILE *out, struct policydb *pdb) sepol_printf(out, ";\n"); } - strs_destroy(&strs); - exit: + if (strs) + strs_destroy(&strs); + if (rc != 0) { sepol_log_err("Error writing user declarations to policy.conf\n"); }
Fixes: Error: RESOURCE_LEAK (CWE-772): [#def5] libsepol/src/kernel_to_cil.c:2380: alloc_arg: "strs_init" allocates memory that is stored into "strs". libsepol/src/kernel_to_cil.c:2386: noescape: Resource "strs" is not freed or pointed-to in "strs_add". libsepol/src/kernel_to_cil.c:2386: noescape: Resource "strs" is not freed or pointed-to in "strs_add". libsepol/src/kernel_to_cil.c:2386: noescape: Resource "strs" is not freed or pointed-to in "strs_add". libsepol/src/kernel_to_cil.c:2507: leaked_storage: Variable "strs" going out of scope leaks the storage it points to. libsepol/src/kernel_to_conf.c:2315: alloc_arg: "strs_init" allocates memory that is stored into "strs". libsepol/src/kernel_to_conf.c:2321: noescape: Resource "strs" is not freed or pointed-to in "strs_add". libsepol/src/kernel_to_conf.c:2321: noescape: Resource "strs" is not freed or pointed-to in "strs_add". libsepol/src/kernel_to_conf.c:2321: noescape: Resource "strs" is not freed or pointed-to in "strs_add". libsepol/src/kernel_to_conf.c:2385: leaked_storage: Variable "strs" going out of scope leaks the storage it points to. Signed-off-by: Petr Lautrbach <plautrba@redhat.com> --- libsepol/src/kernel_to_cil.c | 5 +++-- libsepol/src/kernel_to_conf.c | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-)