Re: [PATCH] selinux: free str on error in str_read()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Apr 15, 2020 at 06:04:53PM -0400, Paul Moore wrote:
> On Tue, Apr 14, 2020 at 10:25 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote:
> >
> > In [see "Fixes:"] I missed the fact that str_read() may give back an
> > allocated pointer even if it returns an error, causing a potential
> > memory leak in filename_trans_read_one(). Fix this by making the
> > function free the allocated string whenever it returns a non-zero value,
> > which also makes its behavior more obvious and prevents repeating the
> > same mistake in the future.
> >
> > Reported-by: coverity-bot <keescook+coverity-bot@xxxxxxxxxxxx>
> > Addresses-Coverity-ID: 1461665 ("Resource leaks")
> > Fixes: c3a276111ea2 ("selinux: optimize storage of filename transitions")
> > Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
> > ---
> >  security/selinux/ss/policydb.c | 8 ++++----
> >  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> I just merged this into selinux/stable-5.7 and assuming all goes well
> in testing I'll send this up to Linus later this week.  Thanks Ondrej.
> 
> I also want to add my thanks to the "coverity bot", thanks Kees.  Are
> you only running this only on Linus tree?  If it's open to other trees
> it might be nice to get the selinux/next branch into the automated
> testing.

It's being run on linux-next. The free coverity scanner barely has the
resources is keep up with one tree, so I just feed it -next. They were
kind enough to let us upload daily now, so I've been trying to feed the
emailed reports back. It's all just the tip of the iceberg, of course.

-- 
Kees Cook



[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux