'Another libselinux patch fixing memory leaks'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Another libselinux patch fixing memory leaks
From:       Steve G <linux_4ever () yahoo ! com>
Date:       2007-02-20 15:13:01
Message-ID: 475744.80462.qm () web51512 ! mail ! yahoo ! com
[Download RAW message or body]

Hi,

I was running restorecond through valgrind to figure out why it consumes so much
memory. It seemed to point to matchpathcon as a possible leak. I looked at the
functions and saw that there are some potentially uninitialized pointers that
could get freed when jumping to finish and a couple allocations that appear to be
leaked.

Patch is attached.

-Steve


 
____________________________________________________________________________________
Never Miss an Email
Stay connected with Yahoo! Mail on your mobile.  Get started!
http://mobile.yahoo.com/services?promote=mail
["libselinux-2.0.0-leaks.patch" (text/x-patch)]

diff -urp libselinux-2.0.0.orig/src/matchpathcon.c libselinux-2.0.0/src/matchpathcon.c
--- libselinux-2.0.0.orig/src/matchpathcon.c	2007-02-19 20:57:53.000000000 -0500
+++ libselinux-2.0.0/src/matchpathcon.c	2007-02-19 21:11:11.000000000 -0500
@@ -445,9 +445,9 @@ static int process_line(const char *path
 {
 	int items, len, regerr, ret;
 	char *buf_p, *ptr;
-	char *regex, *type, *context;
+	char *regex=NULL, *type=NULL, *context=NULL;
 	const char *reg_buf;
-	char *anchored_regex;
+	char *anchored_regex = NULL;
 
 	ret = 0;
 	len = strlen(line_buf);
@@ -543,9 +543,12 @@ static int process_line(const char *path
 				 path, lineno, anchored_regex,
 				 (errbuf ? errbuf : "out of memory"));
 			free(anchored_regex);
+			anchored_regex = NULL;
+			free(errbuf);
 			goto finish;
 		}
 		free(anchored_regex);
+		anchored_regex = NULL;
 
 		/* Convert the type string to a mode format */
 		spec_arr[nspec].type_str = type;
@@ -718,6 +721,7 @@ int matchpathcon_init_prefix(const char 
 		}
 	}
 	free(line_buf);
+	line_buf = NULL;
 
 	/* Move exact pathname specifications to the end. */
 	spec_copy = malloc(sizeof(spec_t) * nspec);
@@ -740,6 +744,7 @@ int matchpathcon_init_prefix(const char 
 	status = 0;
       finish:
 	fclose(fp);
+	free(line_buf);
 	if (spec_arr != spec_copy)
 		free(spec_arr);
 	if (homedirfp)

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic