From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> Free the ebitmaps inside the rolesets on error. Reported-by: oss-fuzz (issue 67769) Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> --- checkpolicy/policy_define.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c index 4fc6c417..1c019a3b 100644 --- a/checkpolicy/policy_define.c +++ b/checkpolicy/policy_define.c @@ -3186,6 +3186,7 @@ int define_role_allow(void) while ((id = queue_remove(id_queue))) { if (set_roles(&ra->roles, id)) { + role_allow_rule_destroy(ra); free(ra); return -1; } @@ -3193,6 +3194,7 @@ int define_role_allow(void) while ((id = queue_remove(id_queue))) { if (set_roles(&ra->new_roles, id)) { + role_allow_rule_destroy(ra); free(ra); return -1; } -- 2.43.0