diff options
| author | Alice Chu <alice.chu@sta.samsung.com> | 2013-01-16 16:11:24 -0800 |
|---|---|---|
| committer | Alice Chu <alice.chu@sta.samsung.com> | 2013-01-16 16:11:24 -0800 |
| commit | b0e0162a246f2c051427154909c0ecd694cc4805 (patch) | |
| tree | 8bd1c92d12db8fdaa3a18a59bb7bfb33277a377c | |
| parent | 4ebc669d5dc59771284b2d61eb4cce53e6a7069e (diff) | |
| download | libsepol-b0e0162a246f2c051427154909c0ecd694cc4805.tar.gz | |
Fix memory leak issues found by Klocworkandroid-cts-4.4_r4android-cts-4.4_r1android-4.4_r1.2.0.1android-4.4_r1.2android-4.4_r1.1.0.1android-4.4_r1.1android-4.4_r1.0.1android-4.4_r1android-4.4_r0.9android-4.4_r0.8android-4.4_r0.7android-4.3_r3.1android-4.3_r3android-4.3_r2.3android-4.3_r2.2android-4.3_r2.1android-4.3_r2android-4.3_r1.1android-4.3_r1android-4.3_r0.9.1android-4.3_r0.9android-4.3.1_r1tools_r22.2tools_r22kitkat-releasekitkat-cts-releasekitkat-cts-devjb-mr2.0.0-releasejb-mr2.0-releasejb-mr2-releasejb-mr2-devjb-mr1.1-dev-plus-aosp
Change-Id: If324d424dc11df435c26b0da11e314c7608180f9
| -rw-r--r-- | include/sepol/policydb/symtab.h | 1 | ||||
| -rw-r--r-- | src/expand.c | 11 | ||||
| -rw-r--r-- | src/genusers.c | 11 | ||||
| -rw-r--r-- | src/hierarchy.c | 1 | ||||
| -rw-r--r-- | src/link.c | 6 | ||||
| -rw-r--r-- | src/policydb.c | 4 | ||||
| -rw-r--r-- | src/policydb_convert.c | 1 | ||||
| -rw-r--r-- | src/services.c | 2 | ||||
| -rw-r--r-- | src/symtab.c | 8 | ||||
| -rw-r--r-- | src/write.c | 1 |
10 files changed, 42 insertions, 4 deletions
diff --git a/include/sepol/policydb/symtab.h b/include/sepol/policydb/symtab.h index c8ad664..490731b 100644 --- a/include/sepol/policydb/symtab.h +++ b/include/sepol/policydb/symtab.h @@ -32,6 +32,7 @@ typedef struct { } symtab_t; extern int symtab_init(symtab_t *, unsigned int size); +extern void symtab_destroy(symtab_t *); #endif /* _SYMTAB_H_ */ diff --git a/src/expand.c b/src/expand.c index 2003eb6..70c6848 100644 --- a/src/expand.c +++ b/src/expand.c @@ -251,6 +251,7 @@ static int common_copy_callback(hashtab_key_t key, hashtab_datum_t datum, new_id = strdup(id); if (!new_id) { ERR(state->handle, "Out of memory!"); + symtab_destroy(&new_common->permissions); free(new_common); return -1; } @@ -263,6 +264,7 @@ static int common_copy_callback(hashtab_key_t key, hashtab_datum_t datum, (hashtab_datum_t *) new_common); if (ret) { ERR(state->handle, "hashtab overflow"); + symtab_destroy(&new_common->permissions); free(new_common); free(new_id); return -1; @@ -812,6 +814,7 @@ static int role_copy_callback(hashtab_key_t key, hashtab_datum_t datum, new_id = strdup(id); if (!new_id) { ERR(state->handle, "Out of memory!"); + free(new_role); return -1; } @@ -963,6 +966,7 @@ static int user_copy_callback(hashtab_key_t key, hashtab_datum_t datum, new_id = strdup(id); if (!new_id) { ERR(state->handle, "Out of memory!"); + free(new_user); return -1; } ret = hashtab_insert(state->out->p_users.table, @@ -1982,6 +1986,7 @@ static int cond_node_copy(expand_state_t * state, cond_node_t * cn) if (cond_node_map_bools(state, tmp)) { ERR(state->handle, "Error mapping booleans"); + free(tmp); return -1; } @@ -2189,6 +2194,7 @@ static int genfs_copy(expand_state_t * state) newgenfs->fstype = strdup(genfs->fstype); if (!newgenfs->fstype) { ERR(state->handle, "Out of memory!"); + free(newgenfs); return -1; } @@ -2197,12 +2203,17 @@ static int genfs_copy(expand_state_t * state) newc = malloc(sizeof(ocontext_t)); if (!newc) { ERR(state->handle, "Out of memory!"); + free(newgenfs->fstype); + free(newgenfs); return -1; } memset(newc, 0, sizeof(ocontext_t)); newc->u.name = strdup(c->u.name); if (!newc->u.name) { ERR(state->handle, "Out of memory!"); + free(newc); + free(newgenfs->fstype); + free(newgenfs); return -1; } newc->v.sclass = c->v.sclass; diff --git a/src/genusers.c b/src/genusers.c index 37528e2..a31ea08 100644 --- a/src/genusers.c +++ b/src/genusers.c @@ -91,13 +91,20 @@ static int load_users(struct policydb *policydb, const char *path) ebitmap_init(&usrdatum->roles.roles); } else { char *id = strdup(q); + if (!id) { + ERR(NULL, "out of memory"); + free(buffer); + fclose(fp); + return -1; + } /* Adding a new user definition. */ usrdatum = (user_datum_t *) malloc(sizeof(user_datum_t)); - if (!id || !usrdatum) { + if (!usrdatum) { ERR(NULL, "out of memory"); free(buffer); + free(id); fclose(fp); return -1; } @@ -108,6 +115,8 @@ static int load_users(struct policydb *policydb, const char *path) id, (hashtab_datum_t) usrdatum)) { ERR(NULL, "out of memory"); free(buffer); + free(id); + free(usrdatum); fclose(fp); return -1; } diff --git a/src/hierarchy.c b/src/hierarchy.c index e2df5a4..d787a64 100644 --- a/src/hierarchy.c +++ b/src/hierarchy.c @@ -360,6 +360,7 @@ static int check_cond_avtab_hierarchy(cond_list_t * cond_list, args->numerr++; } cond_av_list_destroy(expl); + avtab_destroy(&expa); /* * Check false condition @@ -291,6 +291,7 @@ static int class_copy_callback(hashtab_key_t key, hashtab_datum_t datum, } new_id = strdup(id); if (new_id == NULL) { + symtab_destroy(&new_class->permissions); ERR(state->handle, "Memory error\n"); ret = SEPOL_ERR; goto err; @@ -299,6 +300,7 @@ static int class_copy_callback(hashtab_key_t key, hashtab_datum_t datum, (hashtab_key_t) new_id, (hashtab_datum_t) new_class); if (ret) { + symtab_destroy(&new_class->permissions); ERR(state->handle, "could not insert new class into symtab"); goto err; @@ -1300,7 +1302,7 @@ static int copy_avrule_list(avrule_t * list, avrule_t ** dst, if (new_rule->perms == NULL) { new_rule->perms = new_perm; - } else { + } else if (tail_perm) { tail_perm->next = new_perm; } tail_perm = new_perm; @@ -1765,6 +1767,7 @@ static int copy_avrule_block(link_state_t * state, policy_module_t * module, new_decl->module_name = strdup(module->policy->name); if (new_decl->module_name == NULL) { ERR(state->handle, "Out of memory\n"); + avrule_decl_destroy(new_decl); ret = -1; goto cleanup; } @@ -1784,6 +1787,7 @@ static int copy_avrule_block(link_state_t * state, policy_module_t * module, ret = copy_avrule_decl(state, module, decl, new_decl); if (ret) { + avrule_decl_destroy(new_decl); goto cleanup; } diff --git a/src/policydb.c b/src/policydb.c index ff292f6..e6d9075 100644 --- a/src/policydb.c +++ b/src/policydb.c @@ -3447,7 +3447,7 @@ static int avrule_block_read(policydb_t * p, * decl chain in its correct order */ if (curblock->branch_list == NULL) { curblock->branch_list = curdecl; - } else { + } else if (last_decl != NULL) { last_decl->next = curdecl; } last_decl = curdecl; @@ -3456,7 +3456,7 @@ static int avrule_block_read(policydb_t * p, if (*block == NULL) { *block = curblock; - } else { + } else if (last_block != NULL) { last_block->next = curblock; } last_block = curblock; diff --git a/src/policydb_convert.c b/src/policydb_convert.c index 32832bb..3fc40cb 100644 --- a/src/policydb_convert.c +++ b/src/policydb_convert.c @@ -20,6 +20,7 @@ int policydb_from_image(sepol_handle_t * handle, pf.handle = handle; if (policydb_read(policydb, &pf, 0)) { + policydb_destroy(policydb); ERR(handle, "policy image is invalid"); errno = EINVAL; return STATUS_ERR; diff --git a/src/services.c b/src/services.c index 9c2920c..bed1e9b 100644 --- a/src/services.c +++ b/src/services.c @@ -96,6 +96,7 @@ int sepol_set_policydb_from_file(FILE * fp) return -1; } if (policydb_read(&mypolicydb, &pf, 0)) { + policydb_destroy(&mypolicydb); ERR(NULL, "can't read binary policy: %s", strerror(errno)); return -1; } @@ -1016,6 +1017,7 @@ int hidden sepol_load_policy(void *data, size_t len) return -ENOMEM; if (policydb_read(&newpolicydb, fp, 1)) { + policydb_destroy(&newpolicydb); return -EINVAL; } diff --git a/src/symtab.c b/src/symtab.c index b3a7aa8..b319c8f 100644 --- a/src/symtab.c +++ b/src/symtab.c @@ -46,4 +46,12 @@ int symtab_init(symtab_t * s, unsigned int size) return 0; } +void symtab_destroy(symtab_t * s) +{ + if (!s) + return; + if (s->table) + hashtab_destroy(s->table); + return; +} /* FLASK */ diff --git a/src/write.c b/src/write.c index 22e6143..ab1c257 100644 --- a/src/write.c +++ b/src/write.c @@ -1810,6 +1810,7 @@ static int scope_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr) buf[0] = cpu_to_le32(key_len); if (put_entry(buf, sizeof(*buf), 1, fp) != 1 || put_entry(key, 1, key_len, fp) != key_len) { + free(dyn_buf); return POLICYDB_ERROR; } buf[0] = cpu_to_le32(scope->scope); |