diff mbox series

[6/6] checkpolicy: free complete role_allow_rule on error

Message ID 20240402152925.99781-6-cgoettsche@seltendoof.de (mailing list archive)
State Accepted
Commit 652e28838c1a
Delegated to: Petr Lautrbach
Headers show
Series [1/6] checkpolicy: include <ctype.h> for isprint(3) | expand

Commit Message

Christian Göttsche April 2, 2024, 3:29 p.m. UTC 
From: Christian Göttsche <cgzones@googlemail.com>

Free the ebitmaps inside the rolesets on error.

Reported-by: oss-fuzz (issue 67769)
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 checkpolicy/policy_define.c | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 4fc6c417..1c019a3b 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -3186,6 +3186,7 @@  int define_role_allow(void)
 
 	while ((id = queue_remove(id_queue))) {
 		if (set_roles(&ra->roles, id)) {
+			role_allow_rule_destroy(ra);
 			free(ra);
 			return -1;
 		}
@@ -3193,6 +3194,7 @@  int define_role_allow(void)
 
 	while ((id = queue_remove(id_queue))) {
 		if (set_roles(&ra->new_roles, id)) {
+			role_allow_rule_destroy(ra);
 			free(ra);
 			return -1;
 		}