Commit 73de1bef authored by Xiu Jianfeng's avatar Xiu Jianfeng Committed by Paul Moore
Browse files

selinux: fix memleak in security_read_state_kernel() 



In this function, it directly returns the result of __security_read_policy
without freeing the allocated memory in *data, cause memory leak issue,
so free the memory if __security_read_policy failed.

Signed-off-by: default avatarXiu Jianfeng <xiujianfeng@huawei.com>
[PM: subject line tweak]
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 8d6d51ed

security/selinux/ss/services.c

+8 −1
Original line number Original line Diff line number Diff line
@@ -4048,6 +4048,7 @@ int security_read_policy(struct selinux_state *state, 
int security_read_state_kernel(struct selinux_state *state,

int security_read_state_kernel(struct selinux_state *state,

			       void **data, size_t *len)

			       void **data, size_t *len)

{

{

	int err;

	struct selinux_policy *policy;

	struct selinux_policy *policy;





	policy = rcu_dereference_protected(

	policy = rcu_dereference_protected(
@@ -4060,5 +4061,11 @@ int security_read_state_kernel(struct selinux_state *state, 
	if (!*data)

	if (!*data)

		return -ENOMEM;

		return -ENOMEM;





	return __security_read_policy(policy, *data, len);

	err = __security_read_policy(policy, *data, len);

	if (err) {

		vfree(*data);

		*data = NULL;

		*len = 0;

	}

	return err;

}
 
}