-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlD+qJcACgkQrlYvE4MpobOgugCgs+NS9UBi7v166LH92M1YEo2F
+qIAn3iO6qi2Gz9UQK2hFgWpG08v1QJs
=cVTn
-----END PGP SIGNATURE-----
>From 63b1f0d55846e7e94149b417e7a811bba9eab242 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Thu, 29 Nov 2012 08:53:33 -0500
Subject: [PATCH 68/84] checkpolicy: Fix errors found by coverity
Couple of memory leaks and a couple of dead code spots.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
checkpolicy/policy_define.c | 13 ++++++++-----
checkpolicy/test/dismod.c | 5 ++++-
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 2c12447..fc67737 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -2777,6 +2777,7 @@ int define_constraint(constraint_expr_t * expr)
}
if (!node->expr) {
yyerror("out of memory");
+ free(node);
return -1;
}
node->permissions = 0;
@@ -3068,13 +3069,11 @@ uintptr_t define_cexpr(uint32_t expr_type, uintptr_t arg1, uintptr_t arg2)
ebitmap_destroy(&negset);
return (uintptr_t) expr;
default:
- yyerror("invalid constraint expression");
- constraint_expr_destroy(expr);
- return 0;
+ break;
}
yyerror("invalid constraint expression");
- free(expr);
+ constraint_expr_destroy(expr);
return 0;
}
@@ -3281,6 +3280,7 @@ cond_expr_t *define_cond_expr(uint32_t expr_type, void *arg1, void *arg2)
return expr;
default:
yyerror("illegal conditional expression");
+ free(expr);
return NULL;
}
}
@@ -4627,7 +4627,10 @@ int define_range_trans(int class_specified)
goto out;
}
- ebitmap_set_bit(&rule->tclasses, cladatum->s.value - 1, TRUE);
+ if (ebitmap_set_bit(&rule->tclasses, cladatum->s.value - 1, TRUE)) {
+ yyerror("out of memory");
+ goto out;
+ }
}
id = (char *)queue_remove(id_queue);
diff --git a/checkpolicy/test/dismod.c b/checkpolicy/test/dismod.c
index 6a951f6..96ef047 100644
--- a/checkpolicy/test/dismod.c
+++ b/checkpolicy/test/dismod.c
@@ -844,7 +844,10 @@ int main(int argc, char **argv)
/* read the binary policy */
fprintf(out_fp, "Reading policy...\n");
- policydb_init(&policydb);
+ if (policydb_init(&policydb)) {
+ fprintf(stderr, "%s: Out of memory!\n", __FUNCTION__);
+ exit(1);
+ }
if (read_policy(argv[1], &policydb)) {
fprintf(stderr,
"%s: error(s) encountered while loading policy\n",
--
1.8.1
