Bug 336801
| Summary: | memory leak in audit_receive_msg in AUDIT_MAKE_EQUIV: | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Eric Paris <eparis> |
| Component: | kernel | Assignee: | Eric Paris <eparis> |
| Status: | CLOSED DUPLICATE | QA Contact: | Martin Jenner <mjenner> |
| Severity: | low | Priority: | low |
| Version: | 5.0 | CC: | aviro, sgrubb |
| Hardware: | All | OS: | Linux |
| Doc Type: | Bug Fix | Last Closed: | 2007-10-18 14:58:23 UTC |
Easy enough to fix. Either drop the if (!ab) check altogether since everything can handle null just fine, or wrap all of the audit_log_ stuff in an if (ab) so we always call the kfrees.
Description of problem:

```c
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
if (!ab)
	break;
audit_log_format(ab, "auid=%u", loginuid);
if (sid) {
	u32 len;
	ctx = NULL;
	if (selinux_ctxid_to_string(sid, &ctx, &len))
		audit_log_format(ab, " ssid=%u", sid);
	else
		audit_log_format(ab, " subj=%s", ctx);
	kfree(ctx);
}
audit_log_format(ab, " op=make_equiv old=");
audit_log_untrustedstring(ab, old);
audit_log_format(ab, " new=");
audit_log_untrustedstring(ab, new);
audit_log_format(ab, " res=%d", !err);
audit_log_end(ab);
kfree(old);
kfree(new);
```

If ab is null for any reason we are going to leak old and new.
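The leak and the second suggested fix can be reproduced in a userspace model. This is an added example, not code from the bug report or the kernel: `dup_tracked`, `free_tracked`, `model_log_start` and the path strings are hypothetical stand-ins for the allocation of `old`/`new`, `kfree()` and `audit_log_start()`.

```c
#include <stdlib.h>
#include <string.h>

/* Userspace model, not kernel code. live_allocs counts unfreed strings. */
static int live_allocs;

static char *dup_tracked(const char *s) {   /* stands in for allocating old/new */
    char *p = malloc(strlen(s) + 1);
    if (p) { strcpy(p, s); live_allocs++; }
    return p;
}
static void free_tracked(char *p) {         /* stands in for kfree() */
    if (p) { free(p); live_allocs--; }
}

/* Hypothetical stand-in for audit_log_start(): NULL when start_fails != 0. */
struct model_ab { int records; };
static struct model_ab *model_log_start(int start_fails) {
    return start_fails ? NULL : calloc(1, sizeof(struct model_ab));
}

/* Reported pattern: bailing out on !ab skips both frees.
 * Returns the number of strings still allocated after the call. */
static int make_equiv_leaky(int start_fails) {
    int before = live_allocs;
    char *old_path = dup_tracked("/constructed/old");
    char *new_path = dup_tracked("/constructed/new");
    struct model_ab *ab = model_log_start(start_fails);
    if (!ab)
        return live_allocs - before;  /* models "break": old and new leak */
    ab->records++;                    /* models the audit_log_format() calls */
    free(ab);                         /* models audit_log_end() */
    free_tracked(old_path);
    free_tracked(new_path);
    return live_allocs - before;
}

/* Second fix from the report: guard only the logging, always free. */
static int make_equiv_fixed(int start_fails) {
    int before = live_allocs;
    char *old_path = dup_tracked("/constructed/old");
    char *new_path = dup_tracked("/constructed/new");
    struct model_ab *ab = model_log_start(start_fails);
    if (ab) { ab->records++; free(ab); }
    free_tracked(old_path);
    free_tracked(new_path);
    return live_allocs - before;
}
```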