Re: [PATCH 6/6] libsepol/cil: destroy perm_datums when __cil_resolve_perms fails

Applied.

Thanks,
Jim

On Mon, Jan 4, 2021 at 1:18 PM James Carter <jwcart2@xxxxxxxxx> wrote:
>
> On Wed, Dec 30, 2020 at 5:10 AM Nicolas Iooss <nicolas.iooss@xxxxxxx> wrote:
> >
> > When __cil_resolve_perms fails, it does not destroy perm_datums, which
> > leads to a memory leak reported by OSS-Fuzz with the following CIL
> > policy:
> >
> >     (class cl01())
> >     (classorder(cl01))
> >     (type at02)
> >     (type tpr3)
> >     (allow at02 tpr3(cl01((s))))
> >
> > Calling cil_list_destroy() fixes the issue.
> >
> > Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28466
> > Signed-off-by: Nicolas Iooss <nicolas.iooss@xxxxxxx>
>
> Acked-by: James Carter <jwcart2@xxxxxxxxx>
>
> > ---
> >  libsepol/cil/src/cil_resolve_ast.c | 1 +
> >  1 file changed, 1 insertion(+)
> >
> > diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c
> > index ecd05dfa5dab..255f17ae7e30 100644
> > --- a/libsepol/cil/src/cil_resolve_ast.c
> > +++ b/libsepol/cil/src/cil_resolve_ast.c
> > @@ -146,6 +146,7 @@ static int __cil_resolve_perms(symtab_t *class_symtab, symtab_t *common_symtab,
> >         return SEPOL_OK;
> >
> >  exit:
> > +       cil_list_destroy(perm_datums, CIL_FALSE);
> >         return rc;
> >  }
> >
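Review bot: at the exit: label, cil_list_destroy(perm_datums, CIL_FALSE) now runs for every goto exit in __cil_resolve_perms, and the visible lines do not show whether perm_datums has already been initialised on each of those paths or whether any caller also destroys the list after a failed return. Please confirm both in the commit message (an early failure before the list exists, or a caller-side cleanup, would turn the leak fix into an invalid or double free), and consider a one-line comment saying why CIL_FALSE is the right second argument here.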
> > --
> > 2.29.2
> >


