* [PATCH] libsepol: Fix memory leak in role_dominates_copy_callback
@ 2026-03-17 21:11 Vit Mojzis
2026-04-28 5:33 ` Petr Lautrbach
0 siblings, 1 reply; 5+ messages in thread
From: Vit Mojzis @ 2026-03-17 21:11 UTC (permalink / raw)
To: selinux
Free memory allocated by map_ebitmap in case ebitmap_union fails.
Fixes:
Defect type: RESOURCE_LEAK
libsepol-3.10/src/expand.c:828:2: alloc_arg: "map_ebitmap" allocates memory that is stored into "mapped.node".
libsepol-3.10/src/expand.c:68:3: alloc_arg: "ebitmap_set_bit" allocates memory that is stored into "dst->node".
libsepol-3.10/src/ebitmap.c:420:2: alloc_fn: Storage is returned from allocation function "malloc".
libsepol-3.10/src/ebitmap.c:420:2: assign: Assigning: "new" = "(ebitmap_node_t *)malloc(24UL)".
libsepol-3.10/src/ebitmap.c:437:3: assign: Assigning: "e->node" = "new".
libsepol-3.10/src/expand.c:831:3: leaked_storage: Variable "mapped" going out of scope leaks the storage "mapped.node" points to.
\# 829| return -1;
\# 830| if (ebitmap_union(&new_role->dominates, &mapped))
\# 831|-> return -1;
\# 832| ebitmap_destroy(&mapped);
\# 833|
---
libsepol/src/expand.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index ed912b57..72804f60 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -827,8 +827,10 @@ static int role_dominates_copy_callback(hashtab_key_t key __attribute__ ((unused
if (map_ebitmap(&role->dominates, &mapped, state->rolemap))
return -1;
- if (ebitmap_union(&new_role->dominates, &mapped))
+ if (ebitmap_union(&new_role->dominates, &mapped)) {
+ ebitmap_destroy(&mapped);
return -1;
+ }
ebitmap_destroy(&mapped);
return 0;
--
2.52.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] libsepol: Fix memory leak in role_dominates_copy_callback
2026-03-17 21:11 [PATCH] libsepol: Fix memory leak in role_dominates_copy_callback Vit Mojzis
@ 2026-04-28 5:33 ` Petr Lautrbach
2026-04-28 21:34 ` [PATCH v2] " Vit Mojzis
0 siblings, 1 reply; 5+ messages in thread
From: Petr Lautrbach @ 2026-04-28 5:33 UTC (permalink / raw)
To: Vit Mojzis, selinux
Vit Mojzis <vmojzis@redhat.com> writes:
> Free memory allocated by map_ebitmap in case ebitmap_union fails.
>
> Fixes:
> Defect type: RESOURCE_LEAK
> libsepol-3.10/src/expand.c:828:2: alloc_arg: "map_ebitmap" allocates memory that is stored into "mapped.node".
> libsepol-3.10/src/expand.c:68:3: alloc_arg: "ebitmap_set_bit" allocates memory that is stored into "dst->node".
> libsepol-3.10/src/ebitmap.c:420:2: alloc_fn: Storage is returned from allocation function "malloc".
> libsepol-3.10/src/ebitmap.c:420:2: assign: Assigning: "new" = "(ebitmap_node_t *)malloc(24UL)".
> libsepol-3.10/src/ebitmap.c:437:3: assign: Assigning: "e->node" = "new".
> libsepol-3.10/src/expand.c:831:3: leaked_storage: Variable "mapped" going out of scope leaks the storage "mapped.node" points to.
> \# 829| return -1;
> \# 830| if (ebitmap_union(&new_role->dominates, &mapped))
> \# 831|-> return -1;
> \# 832| ebitmap_destroy(&mapped);
> \# 833|
>
Missing Signed-of-by tag.
> ---
> libsepol/src/expand.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
> index ed912b57..72804f60 100644
> --- a/libsepol/src/expand.c
> +++ b/libsepol/src/expand.c
> @@ -827,8 +827,10 @@ static int role_dominates_copy_callback(hashtab_key_t key __attribute__ ((unused
>
> if (map_ebitmap(&role->dominates, &mapped, state->rolemap))
> return -1;
> - if (ebitmap_union(&new_role->dominates, &mapped))
> + if (ebitmap_union(&new_role->dominates, &mapped)) {
> + ebitmap_destroy(&mapped);
> return -1;
> + }
> ebitmap_destroy(&mapped);
>
> return 0;
> --
> 2.52.0
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2] libsepol: Fix memory leak in role_dominates_copy_callback
2026-04-28 5:33 ` Petr Lautrbach
@ 2026-04-28 21:34 ` Vit Mojzis
2026-04-29 13:32 ` Petr Lautrbach
0 siblings, 1 reply; 5+ messages in thread
From: Vit Mojzis @ 2026-04-28 21:34 UTC (permalink / raw)
To: selinux
Free memory allocated by map_ebitmap in case ebitmap_union fails.
Fixes:
Defect type: RESOURCE_LEAK
libsepol-3.10/src/expand.c:828:2: alloc_arg: "map_ebitmap" allocates memory that is stored into "mapped.node".
libsepol-3.10/src/expand.c:68:3: alloc_arg: "ebitmap_set_bit" allocates memory that is stored into "dst->node".
libsepol-3.10/src/ebitmap.c:420:2: alloc_fn: Storage is returned from allocation function "malloc".
libsepol-3.10/src/ebitmap.c:420:2: assign: Assigning: "new" = "(ebitmap_node_t *)malloc(24UL)".
libsepol-3.10/src/ebitmap.c:437:3: assign: Assigning: "e->node" = "new".
libsepol-3.10/src/expand.c:831:3: leaked_storage: Variable "mapped" going out of scope leaks the storage "mapped.node" points to.
\# 829| return -1;
\# 830| if (ebitmap_union(&new_role->dominates, &mapped))
\# 831|-> return -1;
\# 832| ebitmap_destroy(&mapped);
\# 833|
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
---
No changes, only added "Signed-off-by".
libsepol/src/expand.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index 5b2b7b03..c7978948 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -827,8 +827,10 @@ static int role_dominates_copy_callback(hashtab_key_t key __attribute__ ((unused
if (map_ebitmap(&role->dominates, &mapped, state->rolemap))
return -1;
- if (ebitmap_union(&new_role->dominates, &mapped))
+ if (ebitmap_union(&new_role->dominates, &mapped)) {
+ ebitmap_destroy(&mapped);
return -1;
+ }
ebitmap_destroy(&mapped);
return 0;
--
2.53.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2] libsepol: Fix memory leak in role_dominates_copy_callback
2026-04-28 21:34 ` [PATCH v2] " Vit Mojzis
@ 2026-04-29 13:32 ` Petr Lautrbach
2026-05-12 18:05 ` James Carter
0 siblings, 1 reply; 5+ messages in thread
From: Petr Lautrbach @ 2026-04-29 13:32 UTC (permalink / raw)
To: Vit Mojzis, selinux
Vit Mojzis <vmojzis@redhat.com> writes:
> Free memory allocated by map_ebitmap in case ebitmap_union fails.
>
> Fixes:
> Defect type: RESOURCE_LEAK
> libsepol-3.10/src/expand.c:828:2: alloc_arg: "map_ebitmap" allocates memory that is stored into "mapped.node".
> libsepol-3.10/src/expand.c:68:3: alloc_arg: "ebitmap_set_bit" allocates memory that is stored into "dst->node".
> libsepol-3.10/src/ebitmap.c:420:2: alloc_fn: Storage is returned from allocation function "malloc".
> libsepol-3.10/src/ebitmap.c:420:2: assign: Assigning: "new" = "(ebitmap_node_t *)malloc(24UL)".
> libsepol-3.10/src/ebitmap.c:437:3: assign: Assigning: "e->node" = "new".
> libsepol-3.10/src/expand.c:831:3: leaked_storage: Variable "mapped" going out of scope leaks the storage "mapped.node" points to.
> \# 829| return -1;
> \# 830| if (ebitmap_union(&new_role->dominates, &mapped))
> \# 831|-> return -1;
> \# 832| ebitmap_destroy(&mapped);
> \# 833|
>
> Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Acked-by: Petr Lautrbach <lautrbach@redhat.com>
> ---
> No changes, only added "Signed-off-by".
>
> libsepol/src/expand.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
> index 5b2b7b03..c7978948 100644
> --- a/libsepol/src/expand.c
> +++ b/libsepol/src/expand.c
> @@ -827,8 +827,10 @@ static int role_dominates_copy_callback(hashtab_key_t key __attribute__ ((unused
>
> if (map_ebitmap(&role->dominates, &mapped, state->rolemap))
> return -1;
> - if (ebitmap_union(&new_role->dominates, &mapped))
> + if (ebitmap_union(&new_role->dominates, &mapped)) {
> + ebitmap_destroy(&mapped);
> return -1;
> + }
> ebitmap_destroy(&mapped);
>
> return 0;
> --
> 2.53.0
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2] libsepol: Fix memory leak in role_dominates_copy_callback
2026-04-29 13:32 ` Petr Lautrbach
@ 2026-05-12 18:05 ` James Carter
0 siblings, 0 replies; 5+ messages in thread
From: James Carter @ 2026-05-12 18:05 UTC (permalink / raw)
To: Petr Lautrbach; +Cc: Vit Mojzis, selinux
On Wed, Apr 29, 2026 at 9:35 AM Petr Lautrbach <lautrbach@redhat.com> wrote:
>
> Vit Mojzis <vmojzis@redhat.com> writes:
>
> > Free memory allocated by map_ebitmap in case ebitmap_union fails.
> >
> > Fixes:
> > Defect type: RESOURCE_LEAK
> > libsepol-3.10/src/expand.c:828:2: alloc_arg: "map_ebitmap" allocates memory that is stored into "mapped.node".
> > libsepol-3.10/src/expand.c:68:3: alloc_arg: "ebitmap_set_bit" allocates memory that is stored into "dst->node".
> > libsepol-3.10/src/ebitmap.c:420:2: alloc_fn: Storage is returned from allocation function "malloc".
> > libsepol-3.10/src/ebitmap.c:420:2: assign: Assigning: "new" = "(ebitmap_node_t *)malloc(24UL)".
> > libsepol-3.10/src/ebitmap.c:437:3: assign: Assigning: "e->node" = "new".
> > libsepol-3.10/src/expand.c:831:3: leaked_storage: Variable "mapped" going out of scope leaks the storage "mapped.node" points to.
> > \# 829| return -1;
> > \# 830| if (ebitmap_union(&new_role->dominates, &mapped))
> > \# 831|-> return -1;
> > \# 832| ebitmap_destroy(&mapped);
> > \# 833|
> >
> > Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
>
> Acked-by: Petr Lautrbach <lautrbach@redhat.com>
>
Merged.
Thanks,
Jim
> > ---
> > No changes, only added "Signed-off-by".
> >
> > libsepol/src/expand.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
> > index 5b2b7b03..c7978948 100644
> > --- a/libsepol/src/expand.c
> > +++ b/libsepol/src/expand.c
> > @@ -827,8 +827,10 @@ static int role_dominates_copy_callback(hashtab_key_t key __attribute__ ((unused
> >
> > if (map_ebitmap(&role->dominates, &mapped, state->rolemap))
> > return -1;
> > - if (ebitmap_union(&new_role->dominates, &mapped))
> > + if (ebitmap_union(&new_role->dominates, &mapped)) {
> > + ebitmap_destroy(&mapped);
> > return -1;
> > + }
> > ebitmap_destroy(&mapped);
> >
> > return 0;
> > --
> > 2.53.0
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2026-05-12 18:05 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-17 21:11 [PATCH] libsepol: Fix memory leak in role_dominates_copy_callback Vit Mojzis
2026-04-28 5:33 ` Petr Lautrbach
2026-04-28 21:34 ` [PATCH v2] " Vit Mojzis
2026-04-29 13:32 ` Petr Lautrbach
2026-05-12 18:05 ` James Carter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox