This patch try to fix potential memleak in function
selinux_fs_context_dup`s error branch.
Signed-off-by: Bernard Zhao <bernard@xxxxxxxx>
---
security/selinux/hooks.c | 22 ++++++++++++++++++----
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 62d30c0a30c2..36d7fc373839 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2856,24 +2856,38 @@ static int selinux_fs_context_dup(struct fs_context *fc,
if (src->fscontext) {
opts->fscontext = kstrdup(src->fscontext, GFP_KERNEL);
if (!opts->fscontext)
- return -ENOMEM;
+ goto err_fscontext;
}
if (src->context) {
opts->context = kstrdup(src->context, GFP_KERNEL);
if (!opts->context)
- return -ENOMEM;
+ goto err_context;
}
if (src->rootcontext) {
opts->rootcontext = kstrdup(src->rootcontext, GFP_KERNEL);
if (!opts->rootcontext)
- return -ENOMEM;
+ goto err_rootcontext;
}
if (src->defcontext) {
opts->defcontext = kstrdup(src->defcontext, GFP_KERNEL);
if (!opts->defcontext)
- return -ENOMEM;
+ goto err_defcontext;
}
return 0;
+
+err_defcontext:
+ if (src->rootcontext)
+ kfree(opts->rootcontext);
+err_rootcontext:
+ if (src->context)
+ kfree(opts->context);
+err_context:
+ if (src->fscontext)
+ kfree(opts->fscontext);
+err_fscontext:
+ kfree(fc->security);
+
+ return -ENOMEM;
}
static const struct fs_parameter_spec selinux_fs_parameters[] = {
--
2.33.1
