Re: [PATCH 1/3] libsepol: Fix RESOURCE_LEAK defects reported by coverity scan

Nicolas Iooss <nicolas.iooss@xxxxxxx> · Thu, 31 Jan 2019 22:17:00 +0100

On Thu, Jan 31, 2019 at 2:22 PM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
>
> Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
> ---
>  libsepol/cil/src/cil_binary.c      | 12 ++++++++++++
>  libsepol/cil/src/cil_resolve_ast.c | 10 ++++++++++
>  libsepol/cil/src/cil_symtab.c      |  1 +
>  libsepol/src/expand.c              |  3 +++
>  libsepol/src/kernel_to_cil.c       |  2 ++
>  libsepol/src/kernel_to_conf.c      |  2 ++
>  6 files changed, 30 insertions(+)
>
> diff --git a/libsepol/cil/src/cil_binary.c b/libsepol/cil/src/cil_binary.c
> index 0cc6eeb1..a645c95d 100644
> --- a/libsepol/cil/src/cil_binary.c
> +++ b/libsepol/cil/src/cil_binary.c
> @@ -912,6 +912,8 @@ int cil_sensalias_to_policydb(policydb_t *pdb, struct cil_alias *cil_alias)
>         key = cil_strdup(cil_alias->datum.fqn);
>         rc = symtab_insert(pdb, SYM_LEVELS, key, sepol_alias, SCOPE_DECL, 0, NULL);
>         if (rc != SEPOL_OK) {
> +               if (rc == 1)
> +                       free(sepol_alias);
>                 goto exit;
>         }

There is something weird here. The exit label starts with
"level_datum_destroy(sepol_alias);". This is not a serious issue
because level_datum_destroy() does not do anything, but after this
patch, cil_sensalias_to_policydb()'s code seems to use sepol_alias
after freeing it.

Should the call to level_datum_destroy(sepol_alias) be removed, or
moved before free(sepol_alias)?

Thanks,
Nicolas