From: Petr Lautrbach <lautrbach@redhat.com>
To: Vit Mojzis <vmojzis@redhat.com>, selinux@vger.kernel.org
Subject: Re: [PATCH] libsepol: Fix memory leak in role_dominates_copy_callback
Date: Tue, 28 Apr 2026 07:33:59 +0200 [thread overview]
Message-ID: <87zf2nsl6g.fsf@redhat.com> (raw)
In-Reply-To: <20260317211105.2485247-1-vmojzis@redhat.com>
Vit Mojzis <vmojzis@redhat.com> writes:
> Free memory allocated by map_ebitmap in case ebitmap_union fails.
>
> Fixes:
> Defect type: RESOURCE_LEAK
> libsepol-3.10/src/expand.c:828:2: alloc_arg: "map_ebitmap" allocates memory that is stored into "mapped.node".
> libsepol-3.10/src/expand.c:68:3: alloc_arg: "ebitmap_set_bit" allocates memory that is stored into "dst->node".
> libsepol-3.10/src/ebitmap.c:420:2: alloc_fn: Storage is returned from allocation function "malloc".
> libsepol-3.10/src/ebitmap.c:420:2: assign: Assigning: "new" = "(ebitmap_node_t *)malloc(24UL)".
> libsepol-3.10/src/ebitmap.c:437:3: assign: Assigning: "e->node" = "new".
> libsepol-3.10/src/expand.c:831:3: leaked_storage: Variable "mapped" going out of scope leaks the storage "mapped.node" points to.
> \# 829| return -1;
> \# 830| if (ebitmap_union(&new_role->dominates, &mapped))
> \# 831|-> return -1;
> \# 832| ebitmap_destroy(&mapped);
> \# 833|
>
Missing Signed-of-by tag.
> ---
> libsepol/src/expand.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
> index ed912b57..72804f60 100644
> --- a/libsepol/src/expand.c
> +++ b/libsepol/src/expand.c
> @@ -827,8 +827,10 @@ static int role_dominates_copy_callback(hashtab_key_t key __attribute__ ((unused
>
> if (map_ebitmap(&role->dominates, &mapped, state->rolemap))
> return -1;
> - if (ebitmap_union(&new_role->dominates, &mapped))
> + if (ebitmap_union(&new_role->dominates, &mapped)) {
> + ebitmap_destroy(&mapped);
> return -1;
> + }
> ebitmap_destroy(&mapped);
>
> return 0;
> --
> 2.52.0
next prev parent reply other threads:[~2026-04-28 5:34 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-17 21:11 [PATCH] libsepol: Fix memory leak in role_dominates_copy_callback Vit Mojzis
2026-04-28 5:33 ` Petr Lautrbach [this message]
2026-04-28 21:34 ` [PATCH v2] " Vit Mojzis
2026-04-29 13:32 ` Petr Lautrbach
2026-05-12 18:05 ` James Carter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zf2nsl6g.fsf@redhat.com \
--to=lautrbach@redhat.com \
--cc=selinux@vger.kernel.org \
--cc=vmojzis@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox