| Message ID | 20221122052110.2433833-1-lujie54@huawei.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 001af27a6d32 |
| Headers | show |
| Series | [v2] libselinux: fix some memory issues in db_init | expand |
On Tue, Nov 22, 2022 at 3:05 AM Jie Lu <lujie54@huawei.com> wrote: > > 1. check the return of strdup to avoid a potential NULL reference. > 2. make sure line_buf is freed. > > Signed-off-by: Jie Lu <lujie54@huawei.com> Acked-by: James Carter <jwcart2@gmail.com> > --- > libselinux/src/label_db.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/libselinux/src/label_db.c b/libselinux/src/label_db.c > index 94c05c6d..bd73201c 100644 > --- a/libselinux/src/label_db.c > +++ b/libselinux/src/label_db.c > @@ -293,6 +293,11 @@ db_init(const struct selinux_opt *opts, unsigned nopts, > return NULL; > } > rec->spec_file = strdup(path); > + if (!rec->spec_file) { > + free(catalog); > + fclose(filp); > + return NULL; > + } > > /* > * Parse for each lines > @@ -322,18 +327,19 @@ db_init(const struct selinux_opt *opts, unsigned nopts, > if (process_line(path, line_buf, ++line_num, catalog) < 0) > goto out_error; > } > - free(line_buf); > > if (digest_add_specfile(rec->digest, filp, NULL, sb.st_size, path) < 0) > goto out_error; > > digest_gen_hash(rec->digest); > > + free(line_buf); > fclose(filp); > > return catalog; > > out_error: > + free(line_buf); > for (i = 0; i < catalog->nspec; i++) { > spec_t *spec = &catalog->specs[i]; > > -- > 2.27.0 >
On Wed, Nov 23, 2022 at 10:31 AM James Carter <jwcart2@gmail.com> wrote: > > On Tue, Nov 22, 2022 at 3:05 AM Jie Lu <lujie54@huawei.com> wrote: > > > > 1. check the return of strdup to avoid a potential NULL reference. > > 2. make sure line_buf is freed. > > > > Signed-off-by: Jie Lu <lujie54@huawei.com> > > Acked-by: James Carter <jwcart2@gmail.com> Merged. Thanks, Jim > > > --- > > libselinux/src/label_db.c | 8 +++++++- > > 1 file changed, 7 insertions(+), 1 deletion(-) > > > > diff --git a/libselinux/src/label_db.c b/libselinux/src/label_db.c > > index 94c05c6d..bd73201c 100644 > > --- a/libselinux/src/label_db.c > > +++ b/libselinux/src/label_db.c > > @@ -293,6 +293,11 @@ db_init(const struct selinux_opt *opts, unsigned nopts, > > return NULL; > > } > > rec->spec_file = strdup(path); > > + if (!rec->spec_file) { > > + free(catalog); > > + fclose(filp); > > + return NULL; > > + } > > > > /* > > * Parse for each lines > > @@ -322,18 +327,19 @@ db_init(const struct selinux_opt *opts, unsigned nopts, > > if (process_line(path, line_buf, ++line_num, catalog) < 0) > > goto out_error; > > } > > - free(line_buf); > > > > if (digest_add_specfile(rec->digest, filp, NULL, sb.st_size, path) < 0) > > goto out_error; > > > > digest_gen_hash(rec->digest); > > > > + free(line_buf); > > fclose(filp); > > > > return catalog; > > > > out_error: > > + free(line_buf); > > for (i = 0; i < catalog->nspec; i++) { > > spec_t *spec = &catalog->specs[i]; > > > > -- > > 2.27.0 > >
diff --git a/libselinux/src/label_db.c b/libselinux/src/label_db.c index 94c05c6d..bd73201c 100644 --- a/libselinux/src/label_db.c +++ b/libselinux/src/label_db.c @@ -293,6 +293,11 @@ db_init(const struct selinux_opt *opts, unsigned nopts, return NULL; } rec->spec_file = strdup(path); + if (!rec->spec_file) { + free(catalog); + fclose(filp); + return NULL; + } /* * Parse for each lines @@ -322,18 +327,19 @@ db_init(const struct selinux_opt *opts, unsigned nopts, if (process_line(path, line_buf, ++line_num, catalog) < 0) goto out_error; } - free(line_buf); if (digest_add_specfile(rec->digest, filp, NULL, sb.st_size, path) < 0) goto out_error; digest_gen_hash(rec->digest); + free(line_buf); fclose(filp); return catalog; out_error: + free(line_buf); for (i = 0; i < catalog->nspec; i++) { spec_t *spec = &catalog->specs[i];
1. check the return of strdup to avoid a potential NULL reference. 2. make sure line_buf is freed. Signed-off-by: Jie Lu <lujie54@huawei.com> --- libselinux/src/label_db.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)