The patch below does not apply to the 3.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <[email protected]>.
thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8e645c345a4cf6b8b13054b4ec2f6371f05876a9 Mon Sep 17 00:00:00 2001 From: "Geyslan G. Bem" <[email protected]> Date: Sun, 24 Nov 2013 08:37:01 -0300 Subject: [PATCH] selinux: fix possible memory leak Free 'ctx_str' when necessary. Signed-off-by: Geyslan G. Bem <[email protected]> Cc: [email protected] Signed-off-by: Paul Moore <[email protected]> diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index a91d205ec0c6..cf79a4564e38 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c @@ -327,19 +327,22 @@ int selinux_xfrm_state_alloc_acquire(struct xfrm_state *x, return rc; ctx = kmalloc(sizeof(*ctx) + str_len, GFP_ATOMIC); - if (!ctx) - return -ENOMEM; + if (!ctx) { + rc = -ENOMEM; + goto out; + } ctx->ctx_doi = XFRM_SC_DOI_LSM; ctx->ctx_alg = XFRM_SC_ALG_SELINUX; ctx->ctx_sid = secid; ctx->ctx_len = str_len; memcpy(ctx->ctx_str, ctx_str, str_len); - kfree(ctx_str); x->security = ctx; atomic_inc(&selinux_xfrm_refcount); - return 0; +out: + kfree(ctx_str); + return rc; } /* -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
