Gitweb:     
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e6e0871cce2ae04f5790543ad2f4ec36b23260ba
Commit:     e6e0871cce2ae04f5790543ad2f4ec36b23260ba
Parent:     088999e98b8caecd31adc3b62223a228555c5ab7
Author:     Paul Moore <[EMAIL PROTECTED]>
AuthorDate: Wed Aug 1 11:12:59 2007 -0400
Committer:  James Morris <[EMAIL PROTECTED]>
CommitDate: Thu Aug 2 11:52:26 2007 -0400

    Net/Security: fix memory leaks from security_secid_to_secctx()
    
    The security_secid_to_secctx() function returns memory that must be freed
    by a call to security_release_secctx() which was not always happening.  This
    patch fixes two of these problems (all that I could find in the kernel 
source
    at present).
    
    Signed-off-by: Paul Moore <[EMAIL PROTECTED]>
    Acked-by:  Stephen Smalley <[EMAIL PROTECTED]>
    Signed-off-by: James Morris <[EMAIL PROTECTED]>
---
 net/netlabel/netlabel_user.c |    4 +++-
 net/xfrm/xfrm_policy.c       |    5 +++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c
index 89dcc48..85a96a3 100644
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type,
        if (audit_info->secid != 0 &&
            security_secid_to_secctx(audit_info->secid,
                                     &secctx,
-                                    &secctx_len) == 0)
+                                    &secctx_len) == 0) {
                audit_log_format(audit_buf, " subj=%s", secctx);
+               security_release_secctx(secctx, secctx_len);
+       }
 
        return audit_buf;
 }
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 95a4730..e5a3be0 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int 
result,
        }
 
        if (sid != 0 &&
-               security_secid_to_secctx(sid, &secctx, &secctx_len) == 0)
+           security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) {
                audit_log_format(audit_buf, " subj=%s", secctx);
-       else
+               security_release_secctx(secctx, secctx_len);
+       } else
                audit_log_task_context(audit_buf);
 
        if (xp) {
-
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to