On Thu, Sep 9, 2021 at 12:45 PM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
>
> libsepol/cil/src/cil_binary.c:4823: alloc_arg: "bounds_check_type" allocates memory that is stored into "bad".
> libsepol/cil/src/cil_binary.c:4840: var_assign: Assigning: "cur" = "bad".
> libsepol/cil/src/cil_binary.c:4844: noescape: Resource "cur" is not freed or pointed-to in "cil_avrule_from_sepol".
> libsepol/cil/src/cil_binary.c:4847: leaked_storage: Variable "cur" going out of scope leaks the storage it points to.
> libsepol/cil/src/cil_binary.c:4847: leaked_storage: Variable "bad" going out of scope leaks the storage it points to.
>
> Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> libsepol/cil/src/cil_binary.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/libsepol/cil/src/cil_binary.c b/libsepol/cil/src/cil_binary.c
> index 43c37fc24686..4a80cb562424 100644
> --- a/libsepol/cil/src/cil_binary.c
> +++ b/libsepol/cil/src/cil_binary.c
> @@ -4842,6 +4842,7 @@ static int cil_check_type_bounds(const struct cil_db *db, policydb_t *pdb, void
> rc = cil_avrule_from_sepol(pdb, cur, &target, type_value_to_cil, class_value_to_cil, perm_value_to_cil);
> if (rc != SEPOL_OK) {
> cil_log(CIL_ERR, "Failed to convert sepol avrule to CIL\n");
> + bounds_destroy_bad(bad);
> goto exit;
> }
> __cil_print_rule(" ", "allow", &target);
> --
> 2.32.0
>
