From 3b05202621539843069bb1477da0d6cfdd384ebc Mon Sep 17 00:00:00 2001
From: root <root@localhost.localdomain>
Date: Mon, 8 Jan 2024 19:51:09 +0800
Subject: [PATCH] libsepol: avoid leak in OOM branch
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
 
In case the member sid_key failed to allocate, free the parent struct.
 
Reported by Clang Analyzer:
 
    module_to_cil.c:2607:9: warning: Potential leak of memory pointed to by 'item' [unix.Malloc]
     2607 |         return rc;
          |                ^~
 
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
 
Reference: https://github.com/SELinuxProject/selinux/commit/5e425b4165b801666e478b19efbf8ddb14d82a02
Conflict: Context adaptation
---
 libsepol/src/module_to_cil.c | 1 +
 1 file changed, 1 insertion(+)
 
diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c
index cc8066d..9a45cee 100644
--- a/libsepol/src/module_to_cil.c
+++ b/libsepol/src/module_to_cil.c
@@ -2570,6 +2570,7 @@ static int ocontext_isid_to_cil(struct policydb *pdb, const char *const *sid_to_
 		item->sid_key = strdup(sid);
 		if (!item->sid_key) {
 			log_err("Out of memory");
+			free(item);
 			rc = -1;
 			goto exit;
 		}
-- 
2.33.0