| Message ID | 20230706162120.25610-1-cgzones@googlemail.com (mailing list archive) |
|---|---|
| State | Rejected |
| Delegated to: | Petr Lautrbach |
| Headers | show |
| Series | checkpolicy: free role identifier in define_role_dom() | expand |
On Thu, Jul 6, 2023 at 12:34 PM Christian Göttsche <cgzones@googlemail.com> wrote: > > Free the role identifier in case the role has been already defined > beforehand, since in that case the identifier is not stored via > declare_symbol(). > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> The right answer here is to just remove role dominance from checkpolicy. I've sent a patch to the list. Thanks, Jim > --- > Triggered by the checkpolicy round-trip patch in the GitHub CI. > --- > checkpolicy/policy_define.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c > index cef8f3c4..e10c92ff 100644 > --- a/checkpolicy/policy_define.c > +++ b/checkpolicy/policy_define.c > @@ -3045,7 +3045,11 @@ role_datum_t *define_role_dom(role_datum_t * r) > yyerror("Out of memory!"); > goto cleanup; > } > + } else { > + free(role_id); > + role_id = NULL; > } > + > if (r) { > ebitmap_t types; > ebitmap_init(&types); > -- > 2.40.1 >
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c index cef8f3c4..e10c92ff 100644 --- a/checkpolicy/policy_define.c +++ b/checkpolicy/policy_define.c @@ -3045,7 +3045,11 @@ role_datum_t *define_role_dom(role_datum_t * r) yyerror("Out of memory!"); goto cleanup; } + } else { + free(role_id); + role_id = NULL; } + if (r) { ebitmap_t types; ebitmap_init(&types);
Free the role identifier in case the role has been already defined beforehand, since in that case the identifier is not stored via declare_symbol(). Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- Triggered by the checkpolicy round-trip patch in the GitHub CI. --- checkpolicy/policy_define.c | 4 ++++ 1 file changed, 4 insertions(+)