Net/Security: fix memory leaks from security_secid_to_secctx()
The security_secid_to_secctx() function returns memory that must be freed by a call to security_release_secctx() which was not always happening. This patch fixes two of these problems (all that I could find in the kernel source at present). Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
088999e98b
commit
e6e0871cce
2 changed files with 6 additions and 3 deletions
|
@ -113,8 +113,10 @@ struct audit_buffer *netlbl_audit_start_common(int type,
|
|||
if (audit_info->secid != 0 &&
|
||||
security_secid_to_secctx(audit_info->secid,
|
||||
&secctx,
|
||||
&secctx_len) == 0)
|
||||
&secctx_len) == 0) {
|
||||
audit_log_format(audit_buf, " subj=%s", secctx);
|
||||
security_release_secctx(secctx, secctx_len);
|
||||
}
|
||||
|
||||
return audit_buf;
|
||||
}
|
||||
|
|
|
@ -2195,9 +2195,10 @@ void xfrm_audit_log(uid_t auid, u32 sid, int type, int result,
|
|||
}
|
||||
|
||||
if (sid != 0 &&
|
||||
security_secid_to_secctx(sid, &secctx, &secctx_len) == 0)
|
||||
security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) {
|
||||
audit_log_format(audit_buf, " subj=%s", secctx);
|
||||
else
|
||||
security_release_secctx(secctx, secctx_len);
|
||||
} else
|
||||
audit_log_task_context(audit_buf);
|
||||
|
||||
if (xp) {
|
||||
|
|
Loading…
Reference in a new issue