Re: [PATCH -next] selinux: Fix memleak in security_read_policy

From: Paul Moore
Date: Tue Jun 14 2022 - 22:03:14 EST

Next message: zhenwei pi: "[PATCH v5 0/1] mm/memory-failure: don't allow to unpoison hw corrupted page"
Previous message: Mark-PK Tsai: "[PATCH 5.4] arm64: kprobes: Use BRK instead of single-step when executing instructions out-of-line"
In reply to: Xiu Jianfeng: "[PATCH -next] selinux: Fix memleak in security_read_policy"
Next in thread: Ondrej Mosnacek: "Re: [PATCH -next] selinux: Fix memleak in security_read_policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 14, 2022 at 9:25 AM Xiu Jianfeng <xiujianfeng@xxxxxxxxxx> wrote:
>
> In this function, it directly returns the result of __security_read_policy
> without freeing the allocated memory in *data, cause memory leak issue,
> so free the memory if __security_read_policy failed.
>
> Signed-off-by: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
> ---
> security/selinux/ss/services.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)

This is another case where there is not actually a memory leak as the
only caller of security_read_policy() is sel_open_policy() which will
free the buffer it passes to security_read_policy() on error.

If you want you could add a comment to security_read_policy()
indicating that the caller is responsible for freeing the memory.

--
paul-moore.com

Next message: zhenwei pi: "[PATCH v5 0/1] mm/memory-failure: don't allow to unpoison hw corrupted page"
Previous message: Mark-PK Tsai: "[PATCH 5.4] arm64: kprobes: Use BRK instead of single-step when executing instructions out-of-line"
In reply to: Xiu Jianfeng: "[PATCH -next] selinux: Fix memleak in security_read_policy"
Next in thread: Ondrej Mosnacek: "Re: [PATCH -next] selinux: Fix memleak in security_read_policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]