author | Xiu Jianfeng <xiujianfeng@huawei.com> | 2022-06-13 21:59:53 +0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-08-17 15:14:06 +0200 |
commit | 1fc1f72aad2070d34022d0823e4cf09706b53f25 (patch) | |
tree | e023ca8819d0262d84b92d1d50c70e75607f83ad /security | |
parent | f7042cf9dd40733f387b7cac021e626c74b8856f (diff) | |

selinux: fix memleak in security_read_state_kernel()

[ Upstream commit 73de1befcc53a7c68b0c5e76b9b5ac41c517760f ]

In this function, it directly returns the result of __security_read_policy
without freeing the allocated memory in *data, cause memory leak issue,
so free the memory if __security_read_policy failed.

Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com>
[PM: subject line tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/ss/services.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 69b2734311a6..fe5fcf571c56 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -4048,6 +4048,7 @@ int security_read_policy(struct selinux_state *state, int security_read_state_kernel(struct selinux_state *state, void **data, size_t *len) { + int err; struct selinux_policy *policy; policy = rcu_dereference_protected( @@ -4060,5 +4061,11 @@ int security_read_state_kernel(struct selinux_state *state, if (!*data) return -ENOMEM; - return __security_read_policy(policy, *data, len); + err = __security_read_policy(policy, *data, len); + if (err) { + vfree(*data); + *data = NULL; + *len = 0; + } + return err; } |
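
Review bot: In the second hunk, the two error exits leave the out-parameters in different states: the new `if (err)` branch sets `*data = NULL` and `*len = 0`, while the `if (!*data) return -ENOMEM;` exit just above it returns without touching `*len`, as far as the visible context shows. Consider zeroing `*len` on the -ENOMEM return as well, or routing both failures through one error label, so a caller can rely on a single post-condition. A short comment on security_read_state_kernel() stating that on error `*data` is NULL and `*len` is 0, and that on success the caller owns the buffer and must release it with vfree(), would make the contract explicit and help prevent both a repeat of this leak and a double free in callers that already clean up on error. The matching allocation is outside the visible context, so it is worth confirming it is a vmalloc-family call that pairs with the vfree() added here.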