James Carter <jwcart2@xxxxxxxxx> writes:
> On Wed, Jan 8, 2025 at 11:32 AM Christian Göttsche
> <cgoettsche@xxxxxxxxxxxxx> wrote:
>>
>> From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>>
>> Free the hashtable for nlmsg xperm rules similar to the ioctl hashtable.
>>
>> Fixes: 1fd41f48 ("libsepol/cil: add support for xperms in conditional policies")
>> Reported-by: oss-fuzz (issue 388376332)
>> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>
> For these two patches:
> Acked-by: James Carter <jwcart2@xxxxxxxxx>
Merged. Thanks!
>> ---
>> libsepol/cil/src/cil_binary.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/libsepol/cil/src/cil_binary.c b/libsepol/cil/src/cil_binary.c
>> index 070bf525..e84188a0 100644
>> --- a/libsepol/cil/src/cil_binary.c
>> +++ b/libsepol/cil/src/cil_binary.c
>> @@ -2616,6 +2616,8 @@ int cil_booleanif_to_policydb(policydb_t *pdb, const struct cil_db *db, struct c
>> return SEPOL_OK;
>>
>> exit:
>> + hashtab_map(avrulex_nlmsg_table, __cil_avrulex_xperm_destroy, NULL);
>> + hashtab_destroy(avrulex_nlmsg_table);
>> hashtab_map(avrulex_ioctl_table, __cil_avrulex_xperm_destroy, NULL);
>> hashtab_destroy(avrulex_ioctl_table);
>> if (tmp_cond) {
>> --
>> 2.47.1
>>
>>
