Re: [PATCH] checkpolicy: avoid leak of identifier on required attribute

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Nov 6, 2024 at 3:04 PM James Carter <jwcart2@xxxxxxxxx> wrote:
>
> On Wed, Nov 6, 2024 at 5:52 AM Christian Göttsche
> <cgoettsche@xxxxxxxxxxxxx> wrote:
> >
> > From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
> >
> > Example policy generated by fuzzer:
> >
> >     class s
> >     sid k
> >     class s { i }
> >     optional{
> >       require{
> >         attribute i;
> >       }
> >     }
> >     type m;
> >     typealias m alias i;
> >
> >     typeai
> >
> > Reported-by: oss-fuzz (issue 377576480)
> > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>
> Acked-by: James Carter <jwcart2@xxxxxxxxx>
>

Merged.
Thanks,
Jim

> > ---
> >  checkpolicy/policy_define.c | 1 +
> >  1 file changed, 1 insertion(+)
> >
> > diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
> > index 9aae8378..96414d46 100644
> > --- a/checkpolicy/policy_define.c
> > +++ b/checkpolicy/policy_define.c
> > @@ -1322,6 +1322,7 @@ static int add_aliases_to_type(type_datum_t * type)
> >                                 aliasdatum->primary = type->s.value;
> >                                 aliasdatum->flavor = TYPE_ALIAS;
> >
> > +                               free(id);
> >                                 break;
> >                         }
> >                 default:{
> > --
> > 2.45.2
> >
> >





[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux