Re: [apparmor] [patch] fix log parsing memory leaks

Seth Arnold Fri, 11 Jul 2014 15:36:06 -0700

On Fri, Jul 11, 2014 at 03:24:29PM -0700, Steve Beattie wrote:
> This patch fixes some memory leaks in the libapparmor log parsing functions,
> specifically around handling records obtained from syslog and records
> containing network addresses.
> 
> Bug: https://bugs.launchpad.net/bugs/1340927
> Signed-off-by: Steve Beattie <[email protected]>


Wow, nice catch and fast debugging.

Acked-by: Seth Arnold <[email protected]>

Thanks

> ---
>  libraries/libapparmor/src/grammar.y       |   16 +++++++++-------
>  libraries/libapparmor/src/libaalogparse.c |    4 ++++
>  2 files changed, 13 insertions(+), 7 deletions(-)
> 
> Index: b/libraries/libapparmor/src/grammar.y
> ===================================================================
> --- a/libraries/libapparmor/src/grammar.y
> +++ b/libraries/libapparmor/src/grammar.y
> @@ -196,15 +196,15 @@ other_audit: TOK_TYPE_OTHER audit_msg TO
>  
>  syslog_type:
>         syslog_date TOK_ID TOK_SYSLOG_KERNEL audit_id key_list
> -       { ret_record->version = AA_RECORD_SYNTAX_V2; }
> +       { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
>       | syslog_date TOK_ID TOK_SYSLOG_KERNEL key_type audit_id key_list
> -       { ret_record->version = AA_RECORD_SYNTAX_V2; }
> +       { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
>       | syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP audit_id key_list
> -       { ret_record->version = AA_RECORD_SYNTAX_V2; }
> +       { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); }
>       | syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP key_type 
> audit_id key_list
> -       { ret_record->version = AA_RECORD_SYNTAX_V2; }
> +       { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); }
>       | syslog_date TOK_ID TOK_SYSLOG_USER key_list
> -       { ret_record->version = AA_RECORD_SYNTAX_V2; }
> +       { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
>       ;
>  
>  /* when audit dispatches a message it doesn't prepend the audit type string 
> */
> @@ -229,8 +229,10 @@ audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_A
>               free($7);
>       } ;
>  
> -syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME { /* do nothing? */ }
> -     | TOK_DATE TOK_TIME { /* do nothing */ }
> +syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME
> +             { free($1); free($3); /* do nothing */ }
> +     | TOK_DATE TOK_TIME
> +             { free($1); free($2); /* do nothing */ }
>       ;
>  
>  key_list: key
> Index: b/libraries/libapparmor/src/libaalogparse.c
> ===================================================================
> --- a/libraries/libapparmor/src/libaalogparse.c
> +++ b/libraries/libapparmor/src/libaalogparse.c
> @@ -81,6 +81,10 @@ void free_record(aa_log_record *record)
>                       free(record->net_protocol);
>               if (record->net_sock_type != NULL)
>                       free(record->net_sock_type);
> +             if (record->net_local_addr != NULL)
> +                     free(record->net_local_addr);
> +             if (record->net_foreign_addr != NULL)
> +                     free(record->net_foreign_addr);
>               if (record->dbus_bus != NULL)
>                       free(record->dbus_bus);
>               if (record->dbus_path != NULL)
> 
> -- 
> Steve Beattie
> <[email protected]>
> http://NxNW.org/~steve/



> -- 
> AppArmor mailing list
> [email protected]
> Modify settings or unsubscribe at: 
> https://lists.ubuntu.com/mailman/listinfo/apparmor

signature.asc
Description: Digital signature

-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Re: [apparmor] [patch] fix log parsing memory leaks

Reply via email to