Commit 9a3f3952 authored Mar 29, 2023 by GUO Zihua Committed by Jialin Zhang Mar 29, 2023

ima: Fix memory leakage in ima_store_template

Offering: HULK
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6P3K4


CVE: NA

--------------------------------

There is a memory leakage in ima_store_template when ima_add_template_entry
returns a non-zero value and duplicated_entry was successfully
generated. Fix it by freeing duplicated_entry in that case.

Fixes: 31604143 ("ima: Add support for measurement with digest lists")
Signed-off-by: GUO Zihua <guozihua@huawei.com>
Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2@huawei.com>
Reviewed-by: Cai Xinchen <caixinchen1@huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2@huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11@huawei.com>

parent 49d8cfd7

security/integrity/ima/ima_api.c

+3 −1

Original line number	Diff line number	Diff line
		@@ -133,7 +133,9 @@ int ima_store_template(struct ima_template_entry *entry,

		entry->pcr = pcr;
		result = ima_add_template_entry(entry, violation, op, inode, filename);
		if (!result && duplicated_entry) {
		if (result) {
		kfree(duplicated_entry);
		} else if (duplicated_entry) {
		result = ima_add_template_entry(duplicated_entry, violation, op,
		inode, filename);
		if (result < 0)