Commit b437aba8 authored by Himanshu Shukla's avatar Himanshu Shukla Committed by Casey Schaufler

SMACK: Fix the memory leak in smack_cred_prepare() hook

Memory leak in smack_cred_prepare()function.
smack_cred_prepare() hook returns error if there is error in allocating
memory in smk_copy_rules() or smk_copy_relabel() function.
If smack_cred_prepare() function returns error then the calling
function should call smack_cred_free() function for cleanup.
In smack_cred_free() function first credential is  extracted and
then all rules are deleted. In smack_cred_prepare() function security
field is assigned in the end when all function return success. But this
function may return before and memory will not be freed.
Signed-off-by: default avatarHimanshu Shukla <himanshu.sh@samsung.com>
Acked-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
parent 7128ea15
...@@ -2023,6 +2023,8 @@ static int smack_cred_prepare(struct cred *new, const struct cred *old, ...@@ -2023,6 +2023,8 @@ static int smack_cred_prepare(struct cred *new, const struct cred *old,
if (new_tsp == NULL) if (new_tsp == NULL)
return -ENOMEM; return -ENOMEM;
new->security = new_tsp;
rc = smk_copy_rules(&new_tsp->smk_rules, &old_tsp->smk_rules, gfp); rc = smk_copy_rules(&new_tsp->smk_rules, &old_tsp->smk_rules, gfp);
if (rc != 0) if (rc != 0)
return rc; return rc;
...@@ -2032,7 +2034,6 @@ static int smack_cred_prepare(struct cred *new, const struct cred *old, ...@@ -2032,7 +2034,6 @@ static int smack_cred_prepare(struct cred *new, const struct cred *old,
if (rc != 0) if (rc != 0)
return rc; return rc;
new->security = new_tsp;
return 0; return 0;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment