Net/Security: fix memory leaks from security_secid_to_secctx()

The security_secid_to_secctx() function returns memory that must be freed by a call to security_release_secctx() which was not always happening. This patch fixes two of these problems (all that I could find in the kernel source at present). Signed-off-by: N Paul Moore <paul.moore@hp.com> Acked-by: N Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: N James Morris <jmorris@namei.org>

Net/Security: fix memory leaks from security_secid_to_secctx()
The security_secid_to_secctx() function returns memory that must be freed by a call to security_release_secctx() which was not always happening. This patch fixes two of these problems (all that I could find in the kernel source at present). Signed-off-by: N Paul Moore <paul.moore@hp.com> Acked-by: N Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: N James Morris <jmorris@namei.org>
e6e0871c · Paul Moore · James Morris · 088999e9 · e6e0871c · e6e0871c
隐藏空白更改
内联并排

Showing with 6 addition and 3 deletion

net/netlabel/netlabel_user.c net/netlabel/netlabel_user.c +3 -1

net/xfrm/xfrm_policy.c net/xfrm/xfrm_policy.c +3 -2

未找到文件。
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type,
 	if (audit_info->secid != 0 &&
 	    security_secid_to_secctx(audit_info->secid,
 				     &secctx,
-				     &secctx_len) == 0)
+				     &secctx_len) == 0) {
 		audit_log_format(audit_buf, " subj=%s", secctx);
+		security_release_secctx(secctx, secctx_len);
+	}

 	return audit_buf;
 }
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int result,
 	}

 	if (sid != 0 &&
-		security_secid_to_secctx(sid, &secctx, &secctx_len) == 0)
+	    security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) {
 		audit_log_format(audit_buf, " subj=%s", secctx);
-	else
+		security_release_secctx(secctx, secctx_len);
+	} else
 		audit_log_task_context(audit_buf);

 	if (xp) {