[PATCH] SELinux: handle sel_make_bools() failure in selinuxfs

This patch fixes error handling in sel_make_bools(), where currently we'd get a memory leak via security_get_bools() and try to kfree() the wrong pointer if called again. Signed-off-by: James Morris <jmorris@namei.org> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

[PATCH] SELinux: handle sel_make_bools() failure in selinuxfs
This patch fixes error handling in sel_make_bools(), where currently we'd get a memory leak via security_get_bools() and try to kfree() the wrong pointer if called again. Signed-off-by: James Morris <jmorris@namei.org> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
20c19e41 · Davi Arnaut · Linus Torvalds · 282c1f5e · 20c19e41
Commit 20c19e41 authored Oct 23, 2005 by Davi Arnaut Committed by Linus Torvalds Oct 23, 2005
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

security/selinux/selinuxfs.c security/selinux/selinuxfs.c +3 -1

No files found.
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -879,7 +879,7 @@ static ssize_t sel_commit_bools_write(struct file *filep,
 	if (sscanf(page, "%d", &new_value) != 1)
 		goto out;
-	if (new_value) {
+	if (new_value && bool_pending_values) {
 		security_set_bools(bool_num, bool_pending_values);
 	}
@@ -952,6 +952,7 @@ static int sel_make_bools(void)
 	/* remove any existing files */
 	kfree(bool_pending_values);
+	bool_pending_values = NULL;
 	sel_remove_bools(dir);
@@ -1002,6 +1003,7 @@ static int sel_make_bools(void)
 	}
 	return ret;
 err:
+	kfree(values);
 	d_genocide(dir);
 	ret = -ENOMEM;
 	goto out;