From 20c19e4179884d7e843314071e2dfb1ea7b0afcd Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Sun, 23 Oct 2005 12:57:16 -0700 Subject: [PATCH] [PATCH] SELinux: handle sel_make_bools() failure in selinuxfs This patch fixes error handling in sel_make_bools(), where currently we'd get a memory leak via security_get_bools() and try to kfree() the wrong pointer if called again. Signed-off-by: James Morris Acked-by: Stephen Smalley Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- security/selinux/selinuxfs.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 8eb140dd2e..a45cc971e7 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -879,7 +879,7 @@ static ssize_t sel_commit_bools_write(struct file *filep, if (sscanf(page, "%d", &new_value) != 1) goto out; - if (new_value) { + if (new_value && bool_pending_values) { security_set_bools(bool_num, bool_pending_values); } @@ -952,6 +952,7 @@ static int sel_make_bools(void) /* remove any existing files */ kfree(bool_pending_values); + bool_pending_values = NULL; sel_remove_bools(dir); @@ -1002,6 +1003,7 @@ out: } return ret; err: + kfree(values); d_genocide(dir); ret = -ENOMEM; goto out; -- 2.39.5