On Wed, Nov 29, 2023 at 12:42 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > Commit fb0a4ce1 (libsepol/cil: Allow paths in filecon rules to be > passed as arguments) changed when the new AST node data would be set > to point to the new filecon struct when creating a filecon rule. > This causes cil_destroy_filecon() to be called twice on the filecon > struct if there is an error when creating the filecon rule. > > If there is an error when creating a filecon rule, call > cil_clear_node() after destroying the filecon struct. > > Reported-by: oss-fuzz (issue 64385) > Signed-off-by: James Carter <jwcart2@xxxxxxxxx> I plan on merging this patch soon, unless there are any objections. Jim > --- > libsepol/cil/src/cil_build_ast.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c > index be260a31..56dac891 100644 > --- a/libsepol/cil/src/cil_build_ast.c > +++ b/libsepol/cil/src/cil_build_ast.c > @@ -4197,6 +4197,7 @@ int cil_gen_filecon(struct cil_db *db, struct cil_tree_node *parse_current, stru > exit: > cil_tree_log(parse_current, CIL_ERR, "Bad filecon declaration"); > cil_destroy_filecon(filecon); > + cil_clear_node(ast_node); > return rc; > } > > -- > 2.43.0 >
