f7ff2dd875
- Check the result value of hashtable_search - Destroy the class datum if it fails to initialize
29 lines
920 B
Diff
29 lines
920 B
Diff
diff --git checkpolicy-2.8/module_compiler.c checkpolicy-2.8/module_compiler.c
|
|
index 155702f..ada7cb2 100644
|
|
--- checkpolicy-2.8/module_compiler.c
|
|
+++ checkpolicy-2.8/module_compiler.c
|
|
@@ -802,6 +802,7 @@ int require_class(int pass)
|
|
if ((datum = calloc(1, sizeof(*datum))) == NULL ||
|
|
symtab_init(&datum->permissions, PERM_SYMTAB_SIZE)) {
|
|
yyerror("Out of memory!");
|
|
+ class_datum_destroy(datum);
|
|
return -1;
|
|
}
|
|
ret =
|
|
diff --git checkpolicy-2.8/policy_define.c checkpolicy-2.8/policy_define.c
|
|
index d8788a6..ece10e7 100644
|
|
--- checkpolicy-2.8/policy_define.c
|
|
+++ checkpolicy-2.8/policy_define.c
|
|
@@ -1107,6 +1107,11 @@ int define_level(void)
|
|
(cat_datum_t *) hashtab_search(policydbp->p_cats.
|
|
table,
|
|
(hashtab_key_t) id);
|
|
+ if (!cdatum) {
|
|
+ yyerror2("unknown category %s", id);
|
|
+ free(id);
|
|
+ return -1;
|
|
+ }
|
|
range_start = range_end = cdatum->s.value - 1;
|
|
}
|
|
|