In cil_strpool_destroy(), cil_strpool_tab is freed but it is not reset to NULL. When cil_strpool_init() is called again it assumes that cil_strpool_tab was already initialized. Other functions then work with invalid data.
Signed-off-by: Jan Zarsky <jzar...@redhat.com> --- libsepol/cil/src/cil_strpool.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libsepol/cil/src/cil_strpool.c b/libsepol/cil/src/cil_strpool.c index b1396d2..97d4c4b 100644 --- a/libsepol/cil/src/cil_strpool.c +++ b/libsepol/cil/src/cil_strpool.c @@ -119,6 +119,7 @@ void cil_strpool_destroy(void) if (cil_strpool_readers == 0) { hashtab_map(cil_strpool_tab, cil_strpool_entry_destroy, NULL); hashtab_destroy(cil_strpool_tab); + cil_strpool_tab = NULL; } pthread_mutex_unlock(&cil_strpool_mutex); } -- 2.9.5