From patchwork Mon Mar 21 23:00:13 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Colin King <colin.king@canonical.com>
X-Patchwork-Id: 8641991
Return-Path: <selinux-bounces@tycho.nsa.gov>
X-Original-To: patchwork-selinux@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id 316899F3D1
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 22 Mar 2016 12:24:19 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 869002034B
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 22 Mar 2016 12:24:18 +0000 (UTC)
Received: from emvm-gh1-uea08.nsa.gov (unknown [63.239.67.9])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 2A6DD2025A
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 22 Mar 2016 12:24:17 +0000 (UTC)
X-TM-IMSS-Message-ID: <c15d97470002288f@nsa.gov>
Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by nsa.gov
	([10.208.42.193]) with ESMTP (TREND IMSS SMTP Service 7.1) id
	c15d97470002288f ; Tue, 22 Mar 2016 08:21:48 -0400
Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u2MCHF8P021377;
	Tue, 22 Mar 2016 08:18:57 -0400
Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil
	[144.51.242.1])
	by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id
	u2LN0NAH171774 for <selinux@prometheus.infosec.tycho.ncsc.mil>;
	Mon, 21 Mar 2016 19:00:23 -0400
Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u2LN0MIx001404;
	Mon, 21 Mar 2016 19:00:22 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: 
 A1CTAQDSe/BWkHBZvVtehQCoB5APhA2GDYF/AQEBAQEBEgEBAQEJCwsHIYVwMIEOARKIKwG/BIYejlYFl1eBUow0jwMCRI5CghgBXYFRPC6KBgEBAQ
X-IPAS-Result: 
 A1CTAQDSe/BWkHBZvVtehQCoB5APhA2GDYF/AQEBAQEBEgEBAQEJCwsHIYVwMIEOARKIKwG/BIYejlYFl1eBUow0jwMCRI5CghgBXYFRPC6KBgEBAQ
X-IronPort-AV: E=Sophos;i="5.24,374,1454994000"; d="scan'208";a="5312715"
Received: from emvm-gh1-uea08.nsa.gov ([10.208.42.193])
	by goalie.tycho.ncsc.mil with ESMTP; 21 Mar 2016 19:00:18 -0400
X-TM-IMSS-Message-ID: <be7f56cf0001f132@nsa.gov>
Received: from youngberry.canonical.com (youngberry.canonical.com
	[91.189.89.112]) by nsa.gov ([10.208.42.193]) with ESMTP (TREND IMSS
	SMTP
	Service 7.1) id be7f56cf0001f132 ; Mon, 21 Mar 2016 18:59:48 -0400
Received: from 1.general.cking.uk.vpn ([10.172.193.212] helo=localhost)
	by youngberry.canonical.com with esmtpsa
	(TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.76) (envelope-from <colin.king@canonical.com>)
	id 1ai8o2-0003Ve-C7; Mon, 21 Mar 2016 23:00:14 +0000
From: Colin King <colin.king@canonical.com>
To: Paul Moore <paul@paul-moore.com>, Stephen Smalley <sds@tycho.nsa.gov>,
	Eric Paris <eparis@parisplace.org>,
	James Morris <james.l.morris@oracle.com>,
	"Serge E . Hallyn" <serge@hallyn.com>, Nick Kralevich <nnk@google.com>,
	Jeff Vander Stoep <jeffv@google.com>, selinux@tycho.nsa.gov,
	linux-security-module@vger.kernel.org
Subject: [PATCH] selinux: fix memory leak on node_ptr on error return path
Date: Mon, 21 Mar 2016 23:00:13 +0000
Message-Id: <1458601213-5835-1-git-send-email-colin.king@canonical.com>
X-Mailer: git-send-email 2.7.3
X-TM-AS-MML: disable
X-Mailman-Approved-At: Tue, 22 Mar 2016 08:17:10 -0400
X-BeenThere: selinux@tycho.nsa.gov
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"
	<selinux.tycho.nsa.gov>
List-Post: <mailto:selinux@tycho.nsa.gov>
List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help>
Cc: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Errors-To: selinux-bounces@tycho.nsa.gov
Sender: "Selinux" <selinux-bounces@tycho.nsa.gov>
X-Spam-Status: No, score=-6.1 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	RDNS_NONE,
	UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: Colin Ian King <colin.king@canonical.com>

node_ptr is not being free'd if the list allocation fails, fix
this by kfree'ing it before exiting on the error path.

Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 security/selinux/ss/conditional.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 456e1a9..5d010ef 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -332,6 +332,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
 	list = kzalloc(sizeof(struct cond_av_list), GFP_KERNEL);
 	if (!list) {
 		rc = -ENOMEM;
+		kfree(node_ptr);
 		goto err;
 	}