libsepol-3.10-2

- Fix memory leak in role_dominates_copy_callback

Resolves: RHEL-147882
Vit Mojzis 2026-05-21 18:09:02 +02:00
parent 695d14028e
commit 97954d5e8d
3 changed files with 51 additions and 1 deletions


@ -0,0 +1,46 @@
From bee83f31fddd26a87c63b1f9bd8fd87450437d6b Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Tue, 28 Apr 2026 23:34:09 +0200
Subject: [PATCH] libsepol: Fix memory leak in role_dominates_copy_callback
Free memory allocated by map_ebitmap in case ebitmap_union fails.
Fixes:
Defect type: RESOURCE_LEAK
libsepol-3.10/src/expand.c:828:2: alloc_arg: "map_ebitmap" allocates memory that is stored into "mapped.node".
libsepol-3.10/src/expand.c:68:3: alloc_arg: "ebitmap_set_bit" allocates memory that is stored into "dst->node".
libsepol-3.10/src/ebitmap.c:420:2: alloc_fn: Storage is returned from allocation function "malloc".
libsepol-3.10/src/ebitmap.c:420:2: assign: Assigning: "new" = "(ebitmap_node_t *)malloc(24UL)".
libsepol-3.10/src/ebitmap.c:437:3: assign: Assigning: "e->node" = "new".
libsepol-3.10/src/expand.c:831:3: leaked_storage: Variable "mapped" going out of scope leaks the storage "mapped.node" points to.
\# 829| return -1;
\# 830| if (ebitmap_union(&new_role->dominates, &mapped))
\# 831|-> return -1;
\# 832| ebitmap_destroy(&mapped);
\# 833|
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Acked-by: Petr Lautrbach <lautrbach@redhat.com>
---
libsepol/src/expand.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index ed912b57..72804f60 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -827,8 +827,10 @@ static int role_dominates_copy_callback(hashtab_key_t key __attribute__ ((unused
if (map_ebitmap(&role->dominates, &mapped, state->rolemap))
return -1;
- if (ebitmap_union(&new_role->dominates, &mapped))
+ if (ebitmap_union(&new_role->dominates, &mapped)) {
+ ebitmap_destroy(&mapped);
return -1;
+ }
ebitmap_destroy(&mapped);
return 0;
--
2.53.0
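
Review bot: in role_dominates_copy_callback the earlier exit, `if (map_ebitmap(&role->dominates, &mapped, state->rolemap)) return -1;`, is left unchanged, and the Coverity trace quoted in the commit message shows map_ebitmap storing into mapped.node through ebitmap_set_bit. If map_ebitmap can fail after some bits are already set and does not free its destination itself, that return leaks the same way as the one fixed here; please confirm, or call ebitmap_destroy(&mapped) on that path as well. The fix also leaves two ebitmap_destroy(&mapped) calls: storing the ebitmap_union result, destroying mapped once, and returning -1 or 0 from the stored result would keep a single cleanup point.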


@ -1,3 +1,6 @@
* Thu May 21 2026 Vit Mojzis <vmojzis@redhat.com> - 3.10-2
- Fix memory leak in role_dominates_copy_callback (RHEL-147882)
* Thu Feb 05 2026 Vit Mojzis <vmojzis@redhat.com> - 3.10-1
- SELinux userspace 3.10 release


@ -1,7 +1,7 @@
Summary: SELinux binary policy manipulation library
Name: libsepol
Version: 3.10
Release: 1%{?dist}
Release: 2%{?dist}
License: LGPL-2.1-or-later
Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libsepol-%{version}.tar.gz
Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libsepol-%{version}.tar.gz.asc
@ -12,6 +12,7 @@ URL: https://github.com/SELinuxProject/selinux/wiki
# $ git format-patch -N libsepol-3.10 -- libsepol
# $ i=1; for j in 0*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
# Patch list start
Patch0001: 0001-libsepol-Fix-memory-leak-in-role_dominates_copy_call.patch
# Patch list end
BuildRequires: make
BuildRequires: gcc
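
Review bot: Patch0001 is added to the patch list, but the visible spec lines do not show the %prep step that applies it. The patch uses the paths a/libsepol/src/expand.c and b/libsepol/src/expand.c, while the Coverity trace in the commit message refers to libsepol-3.10/src/expand.c, so the patch needs two leading path components stripped to apply to the unpacked Source0 tree; please confirm %prep applies patches with that strip level.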