checkpolicy: free avrule on error
Free the allocated avrule in define_te_avtab_xperms_helper() on
failures.

Also free the target classes ebitmap on allocation failure.

    Direct leak of 136 byte(s) in 1 object(s) allocated from:
        #0 0x49bb5d in __interceptor_malloc (./checkpolicy/checkpolicy+0x49bb5d)
        SELinuxProject#1 0x4e6eea in define_te_avtab_xperms_helper ./checkpolicy/policy_define.c:2041:24
        SELinuxProject#2 0x4e6eea in define_te_avtab_extended_perms ./checkpolicy/policy_define.c:2487:6
        SELinuxProject#3 0x4cef0b in yyparse ./checkpolicy/policy_parse.y:494:30
        SELinuxProject#4 0x4e0575 in read_source_policy ./checkpolicy/parse_util.c:63:6
        SELinuxProject#5 0x4ff121 in main ./checkpolicy/checkpolicy.c:616:7
        SELinuxProject#6 0x7fe31628b7ec in __libc_start_main csu/../csu/libc-start.c:332:16

    Indirect leak of 32 byte(s) in 1 object(s) allocated from:
        #0 0x4877b4 in strdup (./checkpolicy/checkpolicy+0x4877b4)
        SELinuxProject#1 0x4e6fa7 in define_te_avtab_xperms_helper ./checkpolicy/policy_define.c:2051:28
        SELinuxProject#2 0x4e6fa7 in define_te_avtab_extended_perms ./checkpolicy/policy_define.c:2487:6
        SELinuxProject#3 0x4cef0b in yyparse ./checkpolicy/policy_parse.y:494:30
        SELinuxProject#4 0x4e0575 in read_source_policy ./checkpolicy/parse_util.c:63:6
        SELinuxProject#5 0x4ff121 in main ./checkpolicy/checkpolicy.c:616:7
        SELinuxProject#6 0x7fe31628b7ec in __libc_start_main csu/../csu/libc-start.c:332:16

    Indirect leak of 24 byte(s) in 1 object(s) allocated from:
        #0 0x49bb5d in __interceptor_malloc (./checkpolicy/checkpolicy+0x49bb5d)
        SELinuxProject#1 0x50f2fa in ebitmap_set_bit ./libsepol/src/ebitmap.c:346:27
        SELinuxProject#2 0x4eb632 in set_types ./checkpolicy/policy_define.c
        SELinuxProject#3 0x4e7055 in define_te_avtab_xperms_helper ./checkpolicy/policy_define.c:2059:7
        SELinuxProject#4 0x4e7055 in define_te_avtab_extended_perms ./checkpolicy/policy_define.c:2487:6
        SELinuxProject#5 0x4cef0b in yyparse ./checkpolicy/policy_parse.y:494:30
        SELinuxProject#6 0x4e0575 in read_source_policy ./checkpolicy/parse_util.c:63:6
        SELinuxProject#7 0x4ff121 in main ./checkpolicy/checkpolicy.c:616:7
        SELinuxProject#8 0x7fe31628b7ec in __libc_start_main csu/../csu/libc-start.c:332:16

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
cgzones committed Dec 5, 2024
1 parent f50abe2 commit 9d692fe
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion checkpolicy/policy_define.c
@@ -2136,7 +2136,8 @@ static int define_te_avtab_xperms_helper(int which, avrule_t ** rule)
avrule->xperms = NULL;
if (!avrule->source_filename) {
yyerror("out of memory");
return -1;
ret = -1;
goto out;
}

while ((id = queue_remove(id_queue))) {
@@ -2197,6 +2198,7 @@ static int define_te_avtab_xperms_helper(int which, avrule_t ** rule)
if (!cur_perms) {
yyerror("out of memory");
ret = -1;
ebitmap_destroy(&tclasses);
goto out;
}
class_perm_node_init(cur_perms);
@@ -2236,7 +2238,11 @@ static int define_te_avtab_xperms_helper(int which, avrule_t ** rule)
avrule->perms = perms;
*rule = avrule;

return 0;
out:
avrule_destroy(avrule);
free(avrule);

return ret;
}
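Review bot: In the `!cur_perms` branch of the second hunk, any nodes already linked into the local `perms` list still appear to be leaked, because `avrule->perms = perms;` is only assigned on the success tail in the third hunk and `avrule_destroy(avrule)` at `out:` therefore cannot reach them. Assuming avrule_destroy() walks `avrule->perms` (not visible on this page), adding `avrule->perms = perms;` before `goto out;` in that branch would hand the partial list to the common cleanup. The loop that builds `perms` lies outside the visible hunks, so this should be confirmed against the full function. It is also worth confirming that avrule_destroy() accepts NULL, since `out:` now passes `avrule` to it unconditionally and any `goto out` taken before the allocation succeeds would arrive there with a NULL pointer.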
