get_current_exe_path() takes both an exe_file reference and a path
reference before resolving the path name. If aa_path_name() failed, it
returned immediately and leaked both references.
Route the failure through the common cleanup path so fput() and path_put()
always run after the references are acquired.
Fixes: 8d34e16f7f2b ("apparmor: userns: Add support for execpath in userns")
Signed-off-by: Zygmunt Krynicki <[email protected]>
---
security/apparmor/task.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/security/apparmor/task.c b/security/apparmor/task.c
index 0db0e81b46001..6445cb5f85266 100644
--- a/security/apparmor/task.c
+++ b/security/apparmor/task.c
@@ -313,9 +313,12 @@ static const char *get_current_exe_path(char *buffer, int
buffer_size)
p = exe_file->f_path;
path_get(&p);
- if (aa_path_name(&p, FLAG_VIEW_SUBNS, buffer, &path_str, NULL, NULL))
- return ERR_PTR(-ENOMEM);
+ if (aa_path_name(&p, FLAG_VIEW_SUBNS, buffer, &path_str, NULL, NULL)) {
+ path_str = ERR_PTR(-ENOMEM);
+ goto out;
+ }
+out:
fput(exe_file);
path_put(&p);
--
2.53.0
