From patchwork Tue Mar 27 13:35:58 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Colin King <colin.king@canonical.com>
X-Patchwork-Id: 10310099
Return-Path: <linux-security-module-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	9F609600F6
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Tue, 27 Mar 2018 13:36:36 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8F7C529D1F
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Tue, 27 Mar 2018 13:36:36 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 82A2929D25; Tue, 27 Mar 2018 13:36:36 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 10E8D29D1F
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Tue, 27 Mar 2018 13:36:36 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752708AbeC0NgF (ORCPT
	<rfc822;patchwork-linux-security-module@patchwork.kernel.org>);
	Tue, 27 Mar 2018 09:36:05 -0400
Received: from youngberry.canonical.com ([91.189.89.112]:45800 "EHLO
	youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752279AbeC0NgA (ORCPT
	<rfc822;linux-security-module@vger.kernel.org>);
	Tue, 27 Mar 2018 09:36:00 -0400
Received: from 1.general.cking.uk.vpn ([10.172.193.212] helo=localhost)
	by youngberry.canonical.com with esmtpsa
	(TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.76)
	(envelope-from <colin.king@canonical.com>)
	id 1f0ola-0003ba-NZ; Tue, 27 Mar 2018 13:35:58 +0000
From: Colin King <colin.king@canonical.com>
To: John Johansen <john.johansen@canonical.com>,
	James Morris <jmorris@namei.org>, linux-security-module@vger.kernel.org
Cc: kernel-janitors@vger.kernel.org,
	"Serge E . Hallyn" <serge@hallyn.com>, linux-kernel@vger.kernel.org
Subject: [PATCH][next] apparmor: fix memory leak on buffer on error exit path
Date: Tue, 27 Mar 2018 14:35:58 +0100
Message-Id: <20180327133558.13072-1-colin.king@canonical.com>
X-Mailer: git-send-email 2.15.1
MIME-Version: 1.0
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk
List-ID: <linux-security-module.vger.kernel.org>
X-Virus-Scanned: ClamAV using ClamSMTP

From: Colin Ian King <colin.king@canonical.com>

Currently on the error exit path the allocated buffer is not free'd
causing a memory leak. Fix this by kfree'ing it.

Detected by CoverityScan, CID#1466876 ("Resource leaks")

Fixes: 1180b4c757aa ("apparmor: fix dangling symlinks to policy rawdata after replacement")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 security/apparmor/apparmorfs.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 96bb6b73af65..949dd8a48164 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -1497,8 +1497,10 @@ static char *gen_symlink_name(int depth, const char *dirname, const char *fname)
 	}
 
 	error = snprintf(s, size, "raw_data/%s/%s", dirname, fname);
-	if (error >= size || error < 0)
+	if (error >= size || error < 0) {
+		kfree(buffer);
 		return ERR_PTR(-ENAMETOOLONG);
+	}
 
 	return buffer;
 }