Commit 9a2cd27d authored by Navid Emamdoost's avatar Navid Emamdoost Committed by Yang Yingliang
Browse files

apparmor: Fix use-after-free in aa_audit_rule_init 



hulk inclusion
category: bugfix
bugzilla: NA
CVE: CVE-2019-18814

---------------------------

In the implementation of aa_audit_rule_init(), when aa_label_parse()
fails the allocated memory for rule is released using
aa_audit_rule_free(). But after this release, the return statement
tries to access the label field of the rule which results in
use-after-free. Before releasing the rule, copy errNo and return it
after release.

Fixes: 52e8c380 ("apparmor: Fix memory leak of rule on error exit path")
Signed-off-by: default avatarNavid Emamdoost <navid.emamdoost@gmail.com>
Reviewed-by: default avatarTyler Hicks <tyhicks@canonical.com>

Signed-off-by: default avatarJason Yan <yanaijie@huawei.com>
Reviewed-by: default avatarHanjun Guo <guohanjun@huawei.com>
Signed-off-by: default avatarYang Yingliang <yangyingliang@huawei.com>
parent 4b90845b
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment