Net/Security: fix memory leaks from security_secid_to_secctx()
authorPaul Moore <paul.moore@hp.com>
Wed, 1 Aug 2007 15:12:59 +0000 (11:12 -0400)
committerJames Morris <jmorris@namei.org>
Thu, 2 Aug 2007 15:52:26 +0000 (11:52 -0400)
The security_secid_to_secctx() function returns memory that must be freed
by a call to security_release_secctx() which was not always happening.  This
patch fixes two of these problems (all that I could find in the kernel source
at present).

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
net/netlabel/netlabel_user.c
net/xfrm/xfrm_policy.c

index 89dcc485653bd6601fb078130396d929c81d9038..85a96a3fddaafdaa016dbdd14aea0f9433d8c22e 100644 (file)
@@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type,
        if (audit_info->secid != 0 &&
            security_secid_to_secctx(audit_info->secid,
                                     &secctx,
-                                    &secctx_len) == 0)
+                                    &secctx_len) == 0) {
                audit_log_format(audit_buf, " subj=%s", secctx);
+               security_release_secctx(secctx, secctx_len);
+       }
 
        return audit_buf;
 }
index 95a47304336d1b7f24da1993910b8dc9e12f7877..e5a3be03aa0d0afb50dcfd886aeb4127d04badd7 100644 (file)
@@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int result,
        }
 
        if (sid != 0 &&
-               security_secid_to_secctx(sid, &secctx, &secctx_len) == 0)
+           security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) {
                audit_log_format(audit_buf, " subj=%s", secctx);
-       else
+               security_release_secctx(secctx, secctx_len);
+       } else
                audit_log_task_context(audit_buf);
 
        if (xp) {