[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] libsemanage: fix resource leaks
On Mon, 2005-08-22 at 06:46 -0500, serue@xxxxxxxxxx wrote:
> This is the last of three patches against libsemanage. Just needed
> to hit these on my way to checking policycoreutils.
>
> The following fixes a bug found by Coverity in libsemanage:
>
> In both semod_get_active_modules_list() and
> semod_get_sandbox_modules_list() it is possible to return
> -1 after names and versions have been defined (if asprintf
> fails). In addition it is obviously possible for names to be
> malloced and the versions malloc to fail.
>
> Index: src/module_direct_api.c
> ===================================================================
> --- src.orig/module_direct_api.c
> +++ src/module_direct_api.c
> @@ -260,6 +260,10 @@ int semod_direct_list_modules(char **res
> char **names, **versions;
> *results = NULL;
> if ((retval = semod_get_active_modules_list (&names, &versions, &len)) < 0) {
> + if (names)
> + free(names);
> + if (versions)
> + free(versions);
> return retval;
> }
> return list_modules_common (results, names, versions, len);
> @@ -278,6 +282,10 @@ int semod_direct_list_sandbox(char *sand
> *results = NULL;
> if ((retval = semod_get_sandbox_modules_list (sandbox,
> &names, &versions, &len)) < 0) {
> + if (names)
> + free(names);
> + if (versions)
> + free(versions);
> return retval;
> }
> return list_modules_common (results, names, versions, len);
Looks like we need to free the individual elements as well. Any reason
this isn't handled internally by semod_build_modules_list upon an error?
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
This mailing list archive is a service of Copilot Consulting.