From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Free the ebitmaps inside the rolesets on error.
Reported-by: oss-fuzz (issue 67769)
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
checkpolicy/policy_define.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 4fc6c417..1c019a3b 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -3186,6 +3186,7 @@ int define_role_allow(void)
while ((id = queue_remove(id_queue))) {
if (set_roles(&ra->roles, id)) {
+ role_allow_rule_destroy(ra);
free(ra);
return -1;
}
@@ -3193,6 +3194,7 @@ int define_role_allow(void)
while ((id = queue_remove(id_queue))) {
if (set_roles(&ra->new_roles, id)) {
+ role_allow_rule_destroy(ra);
free(ra);
return -1;
}
--
2.43.0
