apparmor: fix leak of null profile name if profile allocation fails

[ Upstream commit 4633307e5ed6128975595df43f796a10c41d11c1 ]

Fixes: d07881d2edb0 ("apparmor: move new_null_profile to after profile lookup fns()")
Reported-by: Seth Arnold <seth.arnold@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 4243b0c3f0e4acc6d66c70ea878f32d548bebdd4..586b249d3b46a14a3901800b5315eacd2467a01d 100644 (file)
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -502,7 +502,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, bool hat,
 {
        struct aa_profile *p, *profile;
        const char *bname;
-       char *name;
+       char *name = NULL;
 
        AA_BUG(!parent);
 
@@ -562,6 +562,7 @@ out:
        return profile;
 
 fail:
+       kfree(name);
        aa_free_profile(profile);
        return NULL;
 }