In audit2why.c add return check for memory allocation. And free every element in the boollist when function fails.
Signed-off-by: Jie Lu <lujie54@xxxxxxxxxx>
---
libselinux/src/audit2why.c | 26 ++++++++++++++++++++++++--
1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
index ba1a66eb..742b4ff5 100644
--- a/libselinux/src/audit2why.c
+++ b/libselinux/src/audit2why.c
@@ -55,7 +55,16 @@ static int load_booleans(const sepol_bool_t * boolean,
 void *arg __attribute__ ((__unused__)))
 {
 boollist[boolcnt] = malloc(sizeof(struct boolean_t));
+ if (!boollist[boolcnt]) {
+ PyErr_SetString( PyExc_MemoryError, "Out of memory\n");
+ return -1;
+ }
 boollist[boolcnt]->name = strdup(sepol_bool_get_name(boolean));
+ if (!boollist[boolcnt]->name) {
+ PyErr_SetString( PyExc_MemoryError, "Out of memory\n");
+ free(boollist[boolcnt]);
+ return -1;
+ }
 boollist[boolcnt]->active = sepol_bool_get_value(boolean);
 boolcnt++;
 return 0;
@@ -149,6 +158,11 @@ static int check_booleans(struct boolean_t **bools)
 if (fcnt > 0) {
 *bools = calloc(sizeof(struct boolean_t), fcnt + 1);
+ if (!*bools) {
+ PyErr_SetString( PyExc_MemoryError, "Out of memory\n");
+ free(foundlist);
+ return 0;
+ }
 struct boolean_t *b = *bools;
 for (i = 0; i < fcnt; i++) {
 int ctr = foundlist[i];
@@ -278,14 +292,22 @@ static int __policy_init(const char *init_path)
 return 0;
 err:
- if (boollist)
- free(boollist);
+ if (boollist) {
+ for (i = 0; i < boolcnt; i++) {
+ free(boollist[i]->name);
+ free(boollist[i]);
+ }
+ free(boollist);
+ boollist = NULL;
+ boolcnt = 0;
+ }
 if (avc){
 if (avc->handle)
 sepol_handle_destroy(avc->handle);
 if (avc->policydb)
 sepol_policydb_free(avc->policydb);
 free(avc);
+ avc = NULL;
 }
 if (pf)
 sepol_policy_file_free(pf);
--
2.27.0
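Review bot: In the strdup failure branch of load_booleans, `free(boollist[boolcnt]);` leaves the freed pointer stored in the global array, so the slot at index boolcnt dangles until something overwrites it. Nothing in this hunk reads that slot again, because boolcnt is not advanced, but clearing it keeps any later walk over the array safe: add `boollist[boolcnt] = NULL;` right after the free. The new `return -1` only helps if the code that iterates the booleans checks the callback result and takes its error path; that call site is outside this hunk and should be confirmed. The index boolcnt is also not compared with the allocated length of boollist here, and that allocation is not visible in the hunk.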
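Review bot: The new failure branch in check_booleans returns 0 after setting MemoryError, which appears to be the same value the function returns when no boolean was found, so a caller cannot tell allocation failure from an empty result unless it calls `PyErr_Occurred()`. If the caller, which is outside this hunk, goes on to build a normal return value while the exception is still set, the interpreter is handed a result with an error pending. Either return a negative count here, `return -1;`, and have the caller propagate the failure, or state the contract above the function, e.g. `/* Returns 0 with a Python exception set on allocation failure. */`. The function begins and ends outside the hunk.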
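Review bot: The cleanup loop under `err:` dereferences `boollist[i]->name` for every i below boolcnt without a NULL check, so it is safe only while every slot in that range is fully populated and boolcnt was zero when this boollist was allocated. load_booleans keeps the first half of that invariant by advancing boolcnt only after both allocations succeed, but the second half depends on code outside the hunk; a stale boolcnt from an earlier initialisation would make the loop walk past the new array. A comment stating the invariant, `/* slots [0, boolcnt) are fully populated; boolcnt is reset whenever boollist is (re)allocated */`, and a `boolcnt = 0;` next to the boollist allocation would make it hold locally. The declaration of `i` is also outside the hunk and should match boolcnt's type.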