[2/4] selinux: free memory in error branch

Message ID	20241018151300.445618-2-cgoettsche@seltendoof.de (mailing list archive)
State	Accepted
Commit	8266fd9401b9
Headers	show Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7CF462022C1 for <selinux@vger.kernel.org>; Fri, 18 Oct 2024 15:13:10 +0000 (UTC) From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgoettsche@seltendoof.de> To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> Subject: [PATCH 2/4] selinux: free memory in error branch Date: Fri, 18 Oct 2024 17:12:58 +0200 Message-ID: <20241018151300.445618-2-cgoettsche@seltendoof.de> In-Reply-To: <20241018151300.445618-1-cgoettsche@seltendoof.de> References: <20241018151300.445618-1-cgoettsche@seltendoof.de> Reply-To: cgzones@googlemail.com Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
Series	[1/4] libselinux: avoid errno modification by fclose(3) \| expand [1/4] libselinux: avoid errno modification by fclose(3) [2/4] selinux: free memory in error branch [3/4] libsemanage: check for rewind(3) failure [4/4] selinux: set missing errno in failure branch

Message ID

20241018151300.445618-2-cgoettsche@seltendoof.de (mailing list archive)

State

Accepted

Commit

8266fd9401b9

Headers

From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgoettsche@seltendoof.de>
To: selinux@vger.kernel.org
Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
Subject: [PATCH 2/4] selinux: free memory in error branch
Date: Fri, 18 Oct 2024 17:12:58 +0200
Message-ID: <20241018151300.445618-2-cgoettsche@seltendoof.de>
In-Reply-To: <20241018151300.445618-1-cgoettsche@seltendoof.de>
References: <20241018151300.445618-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Series

[1/4] libselinux: avoid errno modification by fclose(3) | expand

Commit Message

Christian Göttsche Oct. 18, 2024, 3:12 p.m. UTC

From: Christian Göttsche <cgzones@googlemail.com>

Free the allocated line if it fails to parse via process_line() for the
X or media database.

Also declare the line_buf parameter of process_line() const, so it is
more obvious it is not modified or free'd.

Reported-by: clang-analyzer
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 libselinux/src/label_media.c | 6 +++---
 libselinux/src/label_x.c     | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/libselinux/src/label_media.c b/libselinux/src/label_media.c
index bae065c1..d535ef86 100644
--- a/libselinux/src/label_media.c
+++ b/libselinux/src/label_media.c
@@ -30,12 +30,12 @@  struct saved_data {
 	spec_t *spec_arr;
 };
 
-static int process_line(const char *path, char *line_buf, int pass,
+static int process_line(const char *path, const char *line_buf, int pass,
 			unsigned lineno, struct selabel_handle *rec)
 {
 	struct saved_data *data = (struct saved_data *)rec->data;
 	int items;
-	char *buf_p;
+	const char *buf_p;
 	char *key, *context;
 
 	buf_p = line_buf;
@@ -145,7 +145,6 @@  static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
 				goto finish;
 		}
 	}
-	free(line_buf);
 
 	status = digest_add_specfile(rec->digest, fp, NULL, sb.st_size, path);
 	if (status)
@@ -154,6 +153,7 @@  static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
 	digest_gen_hash(rec->digest);
 
 finish:
+	free(line_buf);
 	fclose(fp);
 	return status;
 }
diff --git a/libselinux/src/label_x.c b/libselinux/src/label_x.c
index ddae4f6c..c0d1d475 100644
--- a/libselinux/src/label_x.c
+++ b/libselinux/src/label_x.c
@@ -32,12 +32,12 @@  struct saved_data {
 	spec_t *spec_arr;
 };
 
-static int process_line(const char *path, char *line_buf, int pass,
+static int process_line(const char *path, const char *line_buf, int pass,
 			unsigned lineno, struct selabel_handle *rec)
 {
 	struct saved_data *data = (struct saved_data *)rec->data;
 	int items;
-	char *buf_p;
+	const char *buf_p;
 	char *type, *key, *context;
 
 	buf_p = line_buf;
@@ -172,7 +172,6 @@  static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
 				goto finish;
 		}
 	}
-	free(line_buf);
 
 	status = digest_add_specfile(rec->digest, fp, NULL, sb.st_size, path);
 	if (status)
@@ -181,6 +180,7 @@  static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
 	digest_gen_hash(rec->digest);
 
 finish:
+	free(line_buf);
 	fclose(fp);
 	return status;
 }

[2/4] selinux: free memory in error branch

Commit Message

Patch