[2.6 patch] security/selinux/netlabel.c: fix double free

From: Adrian Bunk
Date: Mon Jan 28 2008 - 17:09:31 EST


This patch fixes a double free (security_netlbl_sid_to_secattr() already
calls netlbl_secattr_destroy() when it returns !0) introduced by
commit 45c950e0f839fded922ebc0bfd59b1081cc71b70 and spotted by the
Coverity checker.

Signed-off-by: Adrian Bunk <bunk@xxxxxxxxxx>

---
--- linux-2.6/security/selinux/netlabel.c.old 2008-01-23 00:38:19.000000000 +0200
+++ linux-2.6/security/selinux/netlabel.c 2008-01-23 00:39:09.000000000 +0200
@@ -58,22 +58,22 @@ static int selinux_netlbl_sock_setsid(st
rc = security_netlbl_sid_to_secattr(sid, &secattr);
if (rc != 0)
goto sock_setsid_return;
rc = netlbl_sock_setattr(sk, &secattr);
if (rc == 0) {
spin_lock_bh(&sksec->nlbl_lock);
sksec->nlbl_state = NLBL_LABELED;
spin_unlock_bh(&sksec->nlbl_lock);
}

-sock_setsid_return:
netlbl_secattr_destroy(&secattr);
+sock_setsid_return:
return rc;
}

/**
* selinux_netlbl_cache_invalidate - Invalidate the NetLabel cache
*
* Description:
* Invalidate the NetLabel security attribute mapping cache.
*
*/

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/