You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31 lines
982 B
31 lines
982 B
From b6b3ed1fa4c6de12908a9f01d1689f156c3cd441 Mon Sep 17 00:00:00 2001 |
|
From: Pavel Raiskup <praiskup@redhat.com> |
|
Date: Wed, 1 Jul 2015 12:30:57 +0200 |
|
Subject: [PATCH] selinux-h: avoid double free after *getfilecon() |
|
|
|
Originally reported by Ben Shelton on bug-tar: |
|
http://lists.gnu.org/archive/html/bug-tar/2015-04/msg00009.html |
|
|
|
* lib/getfilecon.c (map_to_failure): Set the already freed '*con' |
|
pointer to NULL. Man getfilecon(3) says that any non-NULL '*con' |
|
parameter should be freed by freecon(3) (regardless the return |
|
value). |
|
--- |
|
ChangeLog | 9 +++++++++ |
|
lib/getfilecon.c | 1 + |
|
2 files changed, 10 insertions(+) |
|
|
|
diff --git a/lib/getfilecon.c b/lib/getfilecon.c |
|
index 9ac69be..ef6adc8 100644 |
|
--- a/gnu/getfilecon.c |
|
+++ b/gnu/getfilecon.c |
|
@@ -57,6 +57,7 @@ map_to_failure (int ret, security_context_t *con) |
|
if (ret == 10 && strcmp (*con, "unlabeled") == 0) |
|
{ |
|
freecon (*con); |
|
+ *con = NULL; |
|
errno = ENODATA; |
|
return -1; |
|
} |
|
-- |
|
2.7.4
|
|
|