libsepol-3.10-2
- Fix memory leak in role_dominates_copy_callback Resolves: RHEL-147882
parent
695d14028e
commit
97954d5e8d
@ -0,0 +1,46 @@
|
||||
From bee83f31fddd26a87c63b1f9bd8fd87450437d6b Mon Sep 17 00:00:00 2001
|
||||
From: Vit Mojzis <vmojzis@redhat.com>
|
||||
Date: Tue, 28 Apr 2026 23:34:09 +0200
|
||||
Subject: [PATCH] libsepol: Fix memory leak in role_dominates_copy_callback
|
||||
|
||||
Free memory allocated by map_ebitmap in case ebitmap_union fails.
|
||||
|
||||
Fixes:
|
||||
Defect type: RESOURCE_LEAK
|
||||
libsepol-3.10/src/expand.c:828:2: alloc_arg: "map_ebitmap" allocates memory that is stored into "mapped.node".
|
||||
libsepol-3.10/src/expand.c:68:3: alloc_arg: "ebitmap_set_bit" allocates memory that is stored into "dst->node".
|
||||
libsepol-3.10/src/ebitmap.c:420:2: alloc_fn: Storage is returned from allocation function "malloc".
|
||||
libsepol-3.10/src/ebitmap.c:420:2: assign: Assigning: "new" = "(ebitmap_node_t *)malloc(24UL)".
|
||||
libsepol-3.10/src/ebitmap.c:437:3: assign: Assigning: "e->node" = "new".
|
||||
libsepol-3.10/src/expand.c:831:3: leaked_storage: Variable "mapped" going out of scope leaks the storage "mapped.node" points to.
|
||||
\# 829| return -1;
|
||||
\# 830| if (ebitmap_union(&new_role->dominates, &mapped))
|
||||
\# 831|-> return -1;
|
||||
\# 832| ebitmap_destroy(&mapped);
|
||||
\# 833|
|
||||
|
||||
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
||||
Acked-by: Petr Lautrbach <lautrbach@redhat.com>
|
||||
---
|
||||
libsepol/src/expand.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
|
||||
index ed912b57..72804f60 100644
|
||||
--- a/libsepol/src/expand.c
|
||||
+++ b/libsepol/src/expand.c
|
||||
@@ -827,8 +827,10 @@ static int role_dominates_copy_callback(hashtab_key_t key __attribute__ ((unused
|
||||
|
||||
if (map_ebitmap(&role->dominates, &mapped, state->rolemap))
|
||||
return -1;
|
||||
- if (ebitmap_union(&new_role->dominates, &mapped))
|
||||
+ if (ebitmap_union(&new_role->dominates, &mapped)) {
|
||||
+ ebitmap_destroy(&mapped);
|
||||
return -1;
|
||||
+ }
|
||||
ebitmap_destroy(&mapped);
|
||||
|
||||
return 0;
|
||||
--
|
||||
2.53.0
|
||||
|
||||
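Review bot: The first early return in the embedded expand.c hunk, `if (map_ebitmap(&role->dominates, &mapped, state->rolemap)) return -1;`, is still left without cleanup, so `mapped` can presumably leak there in the same way as the branch this patch fixes. The Coverity trace in the commit message shows map_ebitmap storing nodes into `mapped` through ebitmap_set_bit, so a failure after some bits were already set would probably leave allocated nodes behind. map_ebitmap's body is not visible on this page, so that needs confirming, along with whether it initialises `mapped` before any failure path. If it does, that branch should match the new one: `if (map_ebitmap(&role->dominates, &mapped, state->rolemap)) { ebitmap_destroy(&mapped); return -1; }`. role_dominates_copy_callback starts above the hunk, so any earlier returns in it could not be checked from here.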
@ -1,3 +1,6 @@
|
||||
* Thu May 21 2026 Vit Mojzis <vmojzis@redhat.com> - 3.10-2
|
||||
- Fix memory leak in role_dominates_copy_callback (RHEL-147882)
|
||||
|
||||
* Thu Feb 05 2026 Vit Mojzis <vmojzis@redhat.com> - 3.10-1
|
||||
- SELinux userspace 3.10 release
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: SELinux binary policy manipulation library
|
||||
Name: libsepol
|
||||
Version: 3.10
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: LGPL-2.1-or-later
|
||||
Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libsepol-%{version}.tar.gz
|
||||
Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libsepol-%{version}.tar.gz.asc
|
||||
@ -12,6 +12,7 @@ URL: https://github.com/SELinuxProject/selinux/wiki
|
||||
# $ git format-patch -N libsepol-3.10 -- libsepol
|
||||
# $ i=1; for j in 0*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
|
||||
# Patch list start
|
||||
Patch0001: 0001-libsepol-Fix-memory-leak-in-role_dominates_copy_call.patch
|
||||
# Patch list end
|
||||
BuildRequires: make
|
||||
BuildRequires: gcc
|
||||
|
||||