packages/libselinux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libselinux/backport-libselinux-utils-free-allocated-resources.patch
fly_fzc a0ce0a7214 backport upstream patches 
(cherry picked from commit 2d65b8edc7d1afcb021fbac7cc381fbfa33df3c2)
2024-03-26 16:06:25 +08:00

141 lines
4.0 KiB
Diff
Raw Blame History

From 1d5c3b7204b418710a257b80feaae04527585546 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 19 Dec 2023 17:09:25 +0100
Subject: [PATCH] libselinux/utils: free allocated resources
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Remove noise while running with sanitizers or under valgrind.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
Reference:https://github.com/SELinuxProject/selinux/commit/1d5c3b7204b418710a257b80feaae04527585546
Conflict:path and context adapt
---
utils/getconlist.c | 10 +++++++---
utils/getdefaultcon.c | 20 +++++++++++++++++---
utils/selinuxexeccon.c | 1 +
3 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/utils/getconlist.c b/utils/getconlist.c
index 92f6a793..1ff05209 100644
--- a/utils/getconlist.c
+++ b/utils/getconlist.c
@@ -19,8 +19,9 @@ static __attribute__ ((__noreturn__)) void usage(const char *name, const char *d
int main(int argc, char **argv)
{
- char **list, *cur_context = NULL;
- char *user = NULL, *level = NULL;
+ char **list;
+ const char *cur_context, *user;
+ char *cur_con = NULL, *level = NULL;
int ret, i, opt;
while ((opt = getopt(argc, argv, "l:")) > 0) {
@@ -54,11 +55,12 @@ int main(int argc, char **argv)
/* If a context wasn't passed, use the current context. */
if (((argc - optind) < 2)) {
- if (getcon(&cur_context) < 0) {
+ if (getcon(&cur_con) < 0) {
fprintf(stderr, "Couldn't get current context: %s\n", strerror(errno));
free(level);
return 2;
}
+ cur_context = cur_con;
} else {
cur_context = argv[optind + 1];
if (security_check_context(cur_context) != 0) {
@@ -82,10 +84,12 @@ int main(int argc, char **argv)
} else {
fprintf(stderr, "get_ordered_context_list%s failure: %d(%s)\n",
level ? "_with_level" : "", errno, strerror(errno));
+ free(cur_con);
free(level);
return 4;
}
+ free(cur_con);
free(level);
return 0;
diff --git a/utils/getdefaultcon.c b/utils/getdefaultcon.c
index 50f1ea91..67c84f94 100644
--- a/utils/getdefaultcon.c
+++ b/utils/getdefaultcon.c
@@ -19,8 +19,9 @@ static __attribute__ ((__noreturn__)) void usage(const char *name, const char *d
int main(int argc, char **argv)
{
- char * usercon = NULL, *cur_context = NULL;
- char *user = NULL, *level = NULL, *role=NULL, *seuser=NULL, *dlevel=NULL;
+ const char *cur_context, *user;
+ char *usercon = NULL, *cur_con = NULL;
+ char *level = NULL, *role=NULL, *seuser=NULL, *dlevel=NULL;
char *service = NULL;
int ret, opt;
int verbose = 0;
@@ -54,6 +55,9 @@ int main(int argc, char **argv)
if (!is_selinux_enabled()) {
fprintf(stderr,
"%s may be used only on a SELinux kernel.\n", argv[0]);
+ free(level);
+ free(role);
+ free(service);
return 1;
}
@@ -61,15 +65,23 @@ int main(int argc, char **argv)
/* If a context wasn't passed, use the current context. */
if (((argc - optind) < 2)) {
- if (getcon(&cur_context) < 0) {
+ if (getcon(&cur_con) < 0) {
fprintf(stderr, "Couldn't get current context: %s\n", strerror(errno));
+ free(level);
+ free(role);
+ free(service);
return 2;
}
+ cur_context = cur_con;
} else
cur_context = argv[optind + 1];
if (security_check_context(cur_context)) {
fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], cur_context);
+ free(cur_con);
+ free(level);
+ free(role);
+ free(service);
return 3;
}
@@ -101,6 +113,8 @@ out:
if (level != dlevel) free(level);
free(dlevel);
free(usercon);
+ free(cur_con);
+ free(service);
return ret >= 0;
}
diff --git a/utils/selinuxexeccon.c b/utils/selinuxexeccon.c
index 66754b6a..463bf5aa 100644
--- a/utils/selinuxexeccon.c
+++ b/utils/selinuxexeccon.c
@@ -45,6 +45,7 @@ int main(int argc, char **argv)
con = strdup(argv[2]);
if (security_check_context(con)) {
fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], con);
+ free(con);
return -1;
}
}
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink