mcstrans/0001-mcstrans-Fir-RESOURCE_LEAK-and-USE_AFTER_FREE-coveri.patch
2019-12-06 10:31:38 +01:00

130 lines
3.9 KiB
Diff

From a9eae01e435c2d6f13f3672a50f545bab03e9992 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Wed, 28 Nov 2018 18:28:05 +0100
Subject: [PATCH] mcstrans: Fir RESOURCE_LEAK and USE_AFTER_FREE coverity scan
defects
---
mcstrans/src/mcstrans.c | 21 +++++++++++++++++++--
mcstrans/src/mcstransd.c | 4 +++-
2 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
index 96bdbdff7d8b..0d9d0f3e25b7 100644
--- a/mcstrans/src/mcstrans.c
+++ b/mcstrans/src/mcstrans.c
@@ -633,16 +633,23 @@ add_cache(domain_t *domain, char *raw, char *trans) {
map->raw = strdup(raw);
if (!map->raw) {
+ free(map);
goto err;
}
map->trans = strdup(trans);
if (!map->trans) {
+ free(map->raw);
+ free(map);
goto err;
}
log_debug(" add_cache (%s,%s)\n", raw, trans);
- if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0)
+ if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0) {
+ free(map->trans);
+ free(map->raw);
+ free(map);
goto err;
+ }
if (add_to_hashtable(domain->trans_to_raw, map->trans, map) < 0)
goto err;
@@ -1519,6 +1526,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
trans = compute_trans_from_raw(range, domain);
if (trans)
if (add_cache(domain, range, trans) < 0) {
+ free(trans);
free(range);
return -1;
}
@@ -1530,6 +1538,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
ltrans = compute_trans_from_raw(lrange, domain);
if (ltrans) {
if (add_cache(domain, lrange, ltrans) < 0) {
+ free(ltrans);
free(range);
return -1;
}
@@ -1548,6 +1557,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
utrans = compute_trans_from_raw(urange, domain);
if (utrans) {
if (add_cache(domain, urange, utrans) < 0) {
+ free(utrans);
free(ltrans);
free(range);
return -1;
@@ -1647,14 +1657,19 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
canonical = compute_trans_from_raw(raw, domain);
if (canonical && strcmp(canonical, range))
if (add_cache(domain, raw, canonical) < 0) {
+ free(canonical);
free(range);
+ free(raw);
return -1;
}
}
- if (canonical)
+ if (canonical) {
free(canonical);
+ free(raw);
+ }
if (add_cache(domain, raw, range) < 0) {
free(range);
+ free(raw);
return -1;
}
} else {
@@ -1672,6 +1687,7 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
canonical = compute_trans_from_raw(lraw, domain);
if (canonical)
if (add_cache(domain, lraw, canonical) < 0) {
+ free(canonical);
free(lraw);
free(range);
return -1;
@@ -1703,6 +1719,7 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
canonical = compute_trans_from_raw(uraw, domain);
if (canonical)
if (add_cache(domain, uraw, canonical) < 0) {
+ free(canonical);
free(uraw);
free(lraw);
free(range);
diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c
index 858994932e4f..a1ec81acb3c8 100644
--- a/mcstrans/src/mcstransd.c
+++ b/mcstrans/src/mcstransd.c
@@ -335,6 +335,7 @@ process_events(struct pollfd **ufds, int *nfds)
/* Setup pollfd for deletion later. */
(*ufds)[ii].fd = -1;
close(connfd);
+ connfd = -1;
/* So we don't get bothered later */
revents = revents & ~(POLLHUP);
}
@@ -348,10 +349,11 @@ process_events(struct pollfd **ufds, int *nfds)
/* Set the pollfd up for deletion later. */
(*ufds)[ii].fd = -1;
close(connfd);
+ connfd = -1;
revents = revents & ~(POLLHUP);
}
- if (revents) {
+ if (revents && connfd != -1) {
syslog(LOG_ERR, "Unknown/error events (%x) encountered"
" for fd (%d)\n", revents, connfd);
--
2.23.0