In selinux_restorecon_set_sehandle(), close the old selabel handle
(if it exists) before setting the new one.
Signed-off-by: James Carter <jwcart2@xxxxxxxxx>
---
libselinux/src/selinux_restorecon.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
index bc6ed935..ab1c5216 100644
--- a/libselinux/src/selinux_restorecon.c
+++ b/libselinux/src/selinux_restorecon.c
@@ -1367,6 +1367,10 @@ void selinux_restorecon_set_sehandle(struct selabel_handle *hndl)
unsigned char *fc_digest;
size_t num_specfiles, fc_digest_len;
+ if (fc_sehandle) {
+ selabel_close(fc_sehandle);
+ }
+
fc_sehandle = hndl;
if (!fc_sehandle)
return;
--
2.48.1
