Re: Coverity: filename_trans_read_one(): Resource leaks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Apr 13, 2020 at 6:18 PM coverity-bot <keescook@xxxxxxxxxxxx> wrote:
> Hello!
>
> This is an experimental automated report about issues detected by Coverity
> from a scan of next-20200413 as part of the linux-next weekly scan project:
> https://scan.coverity.com/projects/linux-next-weekly-scan
>
> You're getting this email because you were associated with the identified
> lines of code (noted below) that were touched by commits:
>
>   Tue Feb 18 12:27:34 2020 +0100
>     c3a276111ea2 ("selinux: optimize storage of filename transitions")
>
> Coverity reported the following:
>
> *** CID 1461665:  Resource leaks  (RESOURCE_LEAK)
> /security/selinux/ss/policydb.c: 1862 in filename_trans_read_one()
> 1856                    return rc;
> 1857            len = le32_to_cpu(buf[0]);
> 1858
> 1859            /* path component string */
> 1860            rc = str_read(&name, GFP_KERNEL, fp, len);
> 1861            if (rc)
> vvv     CID 1461665:  Resource leaks  (RESOURCE_LEAK)
> vvv     Variable "name" going out of scope leaks the storage it points to.
> 1862                    return rc;
> 1863
> 1864            rc = next_entry(buf, fp, sizeof(u32) * 4);
> 1865            if (rc)
> 1866                    goto out;
> 1867

Right, I missed the fact that str_read() may give us back an allocated
pointer even if it returns an error. I'll send a fix probably
tomorrow. And I plan to have a look at refactoring the function so it
cleans up upon error on its own (+ updating the caller accordingly).
Its current interface just begs for trouble...

Thank you for running the bot, Kees! It's cool :)

>
> If this is a false positive, please let us know so we can mark it as
> such, or teach the Coverity rules to be smarter. If not, please make
> sure fixes get into linux-next. :) For patches fixing this, please
> include these lines (but double-check the "Fixes" first):
>
> Reported-by: coverity-bot <keescook+coverity-bot@xxxxxxxxxxxx>
> Addresses-Coverity-ID: 1461665 ("Resource leaks")
> Fixes: c3a276111ea2 ("selinux: optimize storage of filename transitions")
>
> Thanks for your attention!
>
> --
> Coverity-bot
>

-- 
Ondrej Mosnacek <omosnace at redhat dot com>
Software Engineer, Security Technologies
Red Hat, Inc.




[Index of Archives]     [Linux Kernel]     [Linux USB Development]     [Yosemite News]     [Linux SCSI]

  Powered by Linux