SELinux: fix memory leakage in /security/selinux/hooks.c Fix memory leakage in /security/selinux/hooks.c The buffer always needs to be freed here; we either error out or allocate more memory. Reported-by: iceberg <strakh@ispras.ru> Signed-off-by: James Morris <jmorris@namei.org> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>

commit: 314dabb83a547ec4da819e8cbc78fac9cec605cd [log] [tgz]
author: James Morris <jmorris@namei.org> Mon Aug 10 22:00:13 2009 +1000
committer: James Morris <jmorris@namei.org> Tue Aug 11 08:37:13 2009 +1000
tree: 8e32efc47c52a218bfb4eb517ae2ba14d496adcc
parent: 85dfd81dc57e8183a277ddd7a56aa65c96f3f487 [diff] [blame]
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 15c2a08..1e8cfc4 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -1285,6 +1285,8 @@
 		rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
 					   context, len);
 		if (rc == -ERANGE) {
+			kfree(context);
+
 			/* Need a larger buffer.  Query for the right size. */
 			rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
 						   NULL, 0);
@@ -1292,7 +1294,6 @@
 				dput(dentry);
 				goto out_unlock;
 			}
-			kfree(context);
 			len = rc;
 			context = kmalloc(len+1, GFP_NOFS);
 			if (!context) {
commit	314dabb83a547ec4da819e8cbc78fac9cec605cd	[log] [tgz]
author	James Morris <jmorris@namei.org>	Mon Aug 10 22:00:13 2009 +1000
committer	James Morris <jmorris@namei.org>	Tue Aug 11 08:37:13 2009 +1000
tree	8e32efc47c52a218bfb4eb517ae2ba14d496adcc
parent	85dfd81dc57e8183a277ddd7a56aa65c96f3f487 [diff] [blame]