On Thu, Apr 20, 2023 at 4:58 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > On Thu, Apr 20, 2023 at 11:25 AM Christian Göttsche > <cgzones@xxxxxxxxxxxxxx> wrote: > > > > The output parameter `role_arr` of semanage_user_get_roles() is an array > > of non-owned role names. Since the array is never used again, as its > > contents have been copied into the return value `roles`, free it. > > > > Example leak report from useradd(8): > > > > Direct leak of 8 byte(s) in 1 object(s) allocated from: > > #0 0x5597624284a8 in __interceptor_calloc (./shadow/src/useradd+0xee4a8) > > #1 0x7f53aefcbbf9 in sepol_user_get_roles src/user_record.c:270:21 > > > > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > > Acked-by: James Carter <jwcart2@xxxxxxxxx> > Merged. Thanks, Jim > > --- > > same as v1, only signed-of > > --- > > libsemanage/src/seusers_local.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/libsemanage/src/seusers_local.c b/libsemanage/src/seusers_local.c > > index 6508ec05..795a33d6 100644 > > --- a/libsemanage/src/seusers_local.c > > +++ b/libsemanage/src/seusers_local.c > > @@ -47,6 +47,7 @@ static char *semanage_user_roles(semanage_handle_t * handle, const char *sename) > > } > > } > > } > > + free(roles_arr); > > } > > semanage_user_free(user); > > } > > -- > > 2.40.0 > >
