Commit e6e0871c authored by Paul Moore's avatar Paul Moore Committed by James Morris

Net/Security: fix memory leaks from security_secid_to_secctx()

The security_secid_to_secctx() function returns memory that must be freed
by a call to security_release_secctx() which was not always happening.  This
patch fixes two of these problems (all that I could find in the kernel source
at present).
Signed-off-by: default avatarPaul Moore <paul.moore@hp.com>
Acked-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 088999e9
...@@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type, ...@@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type,
if (audit_info->secid != 0 && if (audit_info->secid != 0 &&
security_secid_to_secctx(audit_info->secid, security_secid_to_secctx(audit_info->secid,
&secctx, &secctx,
&secctx_len) == 0) &secctx_len) == 0) {
audit_log_format(audit_buf, " subj=%s", secctx); audit_log_format(audit_buf, " subj=%s", secctx);
security_release_secctx(secctx, secctx_len);
}
return audit_buf; return audit_buf;
} }
...@@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int result, ...@@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int result,
} }
if (sid != 0 && if (sid != 0 &&
security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) {
audit_log_format(audit_buf, " subj=%s", secctx); audit_log_format(audit_buf, " subj=%s", secctx);
else security_release_secctx(secctx, secctx_len);
} else
audit_log_task_context(audit_buf); audit_log_task_context(audit_buf);
if (xp) { if (xp) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment