Received: by 10.213.65.68 with SMTP id h4csp665902imn; Tue, 27 Mar 2018 06:38:28 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+DdwopkELpb/E2OuByHew2JYUMjDhcLjHLtZCT/9/XFrlT2JqkjCmTSgcKBCr0ZYTkcPkR X-Received: by 2002:a17:902:b181:: with SMTP id s1-v6mr7234484plr.263.1522157908568; Tue, 27 Mar 2018 06:38:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522157908; cv=none; d=google.com; s=arc-20160816; b=vQvaLW83bhyXXcgfvCntTuGkvDpgKxUoRbWrS4hoDbNM8Aa8Dva72WeH+NTS2CaHaZ J1E67FtrUFGtfRa/KuYH8tn7qR802oUZpKUprwJXXkeqNPEhsp8QTrdp/pXLHU51ovSX ai+YILwA6IZJZDKBDz4MkVP6IpZkIS9Ww9lQOvKPxU2UrKVT2CmIbi6yDEotVllkOdsX fkp8V3VA1zvllyY9nPBTvknXGI7Bdw0NCvOdaZIxdjIFB4dC4krJi5ktLHRLqehGa6yZ 42I7I3x6aXladRxXrwYS+NChRm6E0MvYfdchFweu3DtZYOVnmXIB3HUHsIQ/d/+R9k/I 5BOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:arc-authentication-results; bh=7s+FvQ8fSVGvgwI5kUuJBPVNfXpqYD+YGsf/2VTLTgI=; b=S3yYeILNqePQRYPfcxM2CsDirto+J8lp+p1yzKqIWqLkUfgmmqGkXd2VRxzcMkoepX daS34TCO4kJ1iH/Y6Cr6FzcTQrQepsiLdh9L8Rr/5QK+jHlKhsM1x2XT3ZxOw8i86Bjc eOA0iEqJrs+U25ijvp5bfNTUT6Ll9XAx2kb3PBkKY7FGqfgw7VF81teLVvTax3Kk4DdT M8KDdiBTy/WwAKyEzwCSuQUxfFvIGRpuAQLnEZIXyzjG5i108EzZTLgIiWEKt3MY/ezX 6i2J8EJks4nttDp9ZDRwUHN/UN4ASxpPHkuxTU2leqJGBJNK1raoBmf7GtpM2ssgV63y xIHw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 65si889795pgj.618.2018.03.27.06.38.14; Tue, 27 Mar 2018 06:38:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752733AbeC0NgG (ORCPT + 99 others); Tue, 27 Mar 2018 09:36:06 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:45800 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752279AbeC0NgA (ORCPT ); Tue, 27 Mar 2018 09:36:00 -0400 Received: from 1.general.cking.uk.vpn ([10.172.193.212] helo=localhost) by youngberry.canonical.com with esmtpsa (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1f0ola-0003ba-NZ; Tue, 27 Mar 2018 13:35:58 +0000 From: Colin King To: John Johansen , James Morris , linux-security-module@vger.kernel.org Cc: kernel-janitors@vger.kernel.org, "Serge E . Hallyn" , linux-kernel@vger.kernel.org Subject: [PATCH][next] apparmor: fix memory leak on buffer on error exit path Date: Tue, 27 Mar 2018 14:35:58 +0100 Message-Id: <20180327133558.13072-1-colin.king@canonical.com> X-Mailer: git-send-email 2.15.1 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Colin Ian King Currently on the error exit path the allocated buffer is not free'd causing a memory leak. Fix this by kfree'ing it. Detected by CoverityScan, CID#1466876 ("Resource leaks") Fixes: 1180b4c757aa ("apparmor: fix dangling symlinks to policy rawdata after replacement") Signed-off-by: Colin Ian King --- security/apparmor/apparmorfs.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 96bb6b73af65..949dd8a48164 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -1497,8 +1497,10 @@ static char *gen_symlink_name(int depth, const char *dirname, const char *fname) } error = snprintf(s, size, "raw_data/%s/%s", dirname, fname); - if (error >= size || error < 0) + if (error >= size || error < 0) { + kfree(buffer); return ERR_PTR(-ENAMETOOLONG); + } return buffer; } -- 2.15.1