summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorJames Morris <jmorris@namei.org>2009-08-10 22:00:13 +1000
committerJames Morris <jmorris@namei.org>2009-08-11 08:37:13 +1000
commit314dabb83a547ec4da819e8cbc78fac9cec605cd (patch)
tree8e32efc47c52a218bfb4eb517ae2ba14d496adcc /security
parent85dfd81dc57e8183a277ddd7a56aa65c96f3f487 (diff)
downloadlinux-3.10-314dabb83a547ec4da819e8cbc78fac9cec605cd.tar.gz
linux-3.10-314dabb83a547ec4da819e8cbc78fac9cec605cd.tar.bz2
linux-3.10-314dabb83a547ec4da819e8cbc78fac9cec605cd.zip
SELinux: fix memory leakage in /security/selinux/hooks.c
Fix memory leakage in /security/selinux/hooks.c The buffer always needs to be freed here; we either error out or allocate more memory. Reported-by: iceberg <strakh@ispras.ru> Signed-off-by: James Morris <jmorris@namei.org> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/hooks.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 15c2a08a66f..1e8cfc4c2ed 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1285,6 +1285,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
context, len);
if (rc == -ERANGE) {
+ kfree(context);
+
/* Need a larger buffer. Query for the right size. */
rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
NULL, 0);
@@ -1292,7 +1294,6 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
dput(dentry);
goto out_unlock;
}
- kfree(context);
len = rc;
context = kmalloc(len+1, GFP_NOFS);
if (!context) {