On 1/31/19 8:22 AM, Petr Lautrbach wrote:
Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
---
libsepol/cil/src/cil_binary.c | 12 ++++++++++++
libsepol/cil/src/cil_resolve_ast.c | 10 ++++++++++
libsepol/cil/src/cil_symtab.c | 1 +
libsepol/src/expand.c | 3 +++
libsepol/src/kernel_to_cil.c | 2 ++
libsepol/src/kernel_to_conf.c | 2 ++
6 files changed, 30 insertions(+)
...
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index 6f1b235e..125a6809 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -1451,6 +1451,7 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
new_trans->name = strdup(cur_rule->name);
if (!new_trans->name) {
ERR(state->handle, "Out of memory!");
+ free(new_trans);
return -1;
}
new_trans->stype = i + 1;
@@ -1460,6 +1461,8 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
otype = calloc(1, sizeof(*otype));
if (!otype) {
ERR(state->handle, "Out of memory!");
+ free(new_trans->name);
+ free(new_trans);
return -1;
}
otype->otype = mapped_otype;
I believe that you need the following in the "if (rc) {" block a few lines down.
free(new_trans->name);
free(new_tran);
free(otype);
Everything else that I didn't comment on in this email or my last looks good.
--
James Carter <jwcart2@xxxxxxxxxxxxx>
National Security Agency
