Skip to content

Commit

Permalink
selinux: fix double free
Browse files Browse the repository at this point in the history 
commit 65de509 upstream.

Clang's static analysis tool reports these double free memory errors.

security/selinux/ss/services.c:2987:4: warning: Attempt to free released memory [unix.Malloc]
                        kfree(bnames[i]);
                        ^~~~~~~~~~~~~~~~
security/selinux/ss/services.c:2990:2: warning: Attempt to free released memory [unix.Malloc]
        kfree(bvalues);
        ^~~~~~~~~~~~~~

So improve the security_get_bools error handling by freeing these variables
and setting their return pointers to NULL and the return len to 0

Cc: stable@vger.kernel.org
Signed-off-by: Tom Rix <trix@redhat.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  • Loading branch information
@trixirt @acuicultor
trixirt authored and acuicultor committed Feb 12, 2021
1 parent fca4d52 commit 1e01375
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions security/selinux/ss/services.c
View file
Expand Up @@ -2884,8 +2884,12 @@ int security_get_bools(struct selinux_state *state,
if (*names) {
for (i = 0; i < *len; i++)
kfree((*names)[i]);
kfree(*names);
}
kfree(*values);
*len = 0;
*names = NULL;
*values = NULL;
goto out;
}

Expand Down

0 comments on commit 1e01375

Please sign in to comment.