mcstrans/0001-mcstrans-Fir-RESOURCE_LEAK-and-USE_AFTER_FREE-coveri.patch
Petr Lautrbach 51b0210f5f SELinux userspace 3.3-rc2 release
Resolves: rhbz#2003554
2021-09-30 18:29:34 +02:00

130 lines
3.8 KiB
Diff

From 58a11e55120de4700d4e874dee0d8c36d13caedd Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Wed, 28 Nov 2018 18:28:05 +0100
Subject: [PATCH] mcstrans: Fir RESOURCE_LEAK and USE_AFTER_FREE coverity scan
defects
---
mcstrans/src/mcstrans.c | 21 +++++++++++++++++++--
mcstrans/src/mcstransd.c | 4 +++-
2 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
index e92dfddb0d20..d0690e6b0dca 100644
--- a/mcstrans/src/mcstrans.c
+++ b/mcstrans/src/mcstrans.c
@@ -633,16 +633,23 @@ add_cache(domain_t *domain, char *raw, char *trans) {
map->raw = strdup(raw);
if (!map->raw) {
+ free(map);
goto err;
}
map->trans = strdup(trans);
if (!map->trans) {
+ free(map->raw);
+ free(map);
goto err;
}
log_debug(" add_cache (%s,%s)\n", raw, trans);
- if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0)
+ if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0) {
+ free(map->trans);
+ free(map->raw);
+ free(map);
goto err;
+ }
if (add_to_hashtable(domain->trans_to_raw, map->trans, map) < 0)
goto err;
@@ -1520,6 +1527,7 @@ trans_context(const char *incon, char **rcon) {
trans = compute_trans_from_raw(range, domain);
if (trans)
if (add_cache(domain, range, trans) < 0) {
+ free(trans);
free(range);
return -1;
}
@@ -1531,6 +1539,7 @@ trans_context(const char *incon, char **rcon) {
ltrans = compute_trans_from_raw(lrange, domain);
if (ltrans) {
if (add_cache(domain, lrange, ltrans) < 0) {
+ free(ltrans);
free(range);
return -1;
}
@@ -1549,6 +1558,7 @@ trans_context(const char *incon, char **rcon) {
utrans = compute_trans_from_raw(urange, domain);
if (utrans) {
if (add_cache(domain, urange, utrans) < 0) {
+ free(utrans);
free(ltrans);
free(range);
return -1;
@@ -1648,14 +1658,19 @@ untrans_context(const char *incon, char **rcon) {
canonical = compute_trans_from_raw(raw, domain);
if (canonical && strcmp(canonical, range))
if (add_cache(domain, raw, canonical) < 0) {
+ free(canonical);
free(range);
+ free(raw);
return -1;
}
}
- if (canonical)
+ if (canonical) {
free(canonical);
+ free(raw);
+ }
if (add_cache(domain, raw, range) < 0) {
free(range);
+ free(raw);
return -1;
}
} else {
@@ -1673,6 +1688,7 @@ untrans_context(const char *incon, char **rcon) {
canonical = compute_trans_from_raw(lraw, domain);
if (canonical)
if (add_cache(domain, lraw, canonical) < 0) {
+ free(canonical);
free(lraw);
free(range);
return -1;
@@ -1704,6 +1720,7 @@ untrans_context(const char *incon, char **rcon) {
canonical = compute_trans_from_raw(uraw, domain);
if (canonical)
if (add_cache(domain, uraw, canonical) < 0) {
+ free(canonical);
free(uraw);
free(lraw);
free(range);
diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c
index 59c152e73be1..5191fc98ef06 100644
--- a/mcstrans/src/mcstransd.c
+++ b/mcstrans/src/mcstransd.c
@@ -335,6 +335,7 @@ process_events(struct pollfd **ufds, int *nfds)
/* Setup pollfd for deletion later. */
(*ufds)[ii].fd = -1;
close(connfd);
+ connfd = -1;
/* So we don't get bothered later */
revents = revents & ~(POLLHUP);
}
@@ -348,10 +349,11 @@ process_events(struct pollfd **ufds, int *nfds)
/* Set the pollfd up for deletion later. */
(*ufds)[ii].fd = -1;
close(connfd);
+ connfd = -1;
revents = revents & ~(POLLHUP);
}
- if (revents) {
+ if (revents && connfd != -1) {
syslog(LOG_ERR, "Unknown/error events (%x) encountered"
" for fd (%d)\n", revents, connfd);
--
2.32.0