On 03/20/2017 11:14 AM, James Carter wrote:
sepol_set_sidtab() is called without calling sepol_sidtab_destroy().
This is not a big deal, since checkpolicy does not run for long, but
it does add noise when checking for other, more important, leaks.
Call sepol_sidtab_destroy() before exiting if not in debug mode.
Signed-off-by: James Carter <[email protected]>
This has been applied.
---
checkpolicy/checkpolicy.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 442e7db..534fc22 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -673,6 +673,7 @@ int main(int argc, char **argv)
if (!debug) {
policydb_destroy(&policydb);
+ sepol_sidtab_destroy(&sidtab);
exit(0);
}
--
James Carter <[email protected]>
National Security Agency
_______________________________________________
Selinux mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to [email protected].
