From f18f9e5ea155015b4b2ad6c9ba6ce5e0e3b30646 Mon Sep 17 00:00:00 2001
From: Vit Mojzis
Date: Fri, 25 Oct 2024 20:30:14 +0200
Subject: [PATCH] libselinux/matchpathcon: RESOURCE_LEAK: Variable "con"

Fixes:
Error: RESOURCE_LEAK (CWE-772): libselinux-3.6/src/matchpathcon.c:519: alloc_arg: "lgetfilecon_raw" allocates memory that is stored into "con". [Note: The source code implementation of the function has been overridden by a user model.] libselinux-3.6/src/matchpathcon.c:528: leaked_storage: Variable "con" going out of scope leaks the storage it points to.
\# 526|
\# 527| if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0))
\# 528|-> return -1;
\# 529|
\# 530| if (selabel_lookup_raw(hnd, &fcontext, path, mode) != 0) {

Signed-off-by: Vit Mojzis
Acked-by: James Carter
---
 libselinux/src/matchpathcon.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
index e44734c31..967520e48 100644
--- a/libselinux/src/matchpathcon.c
+++ b/libselinux/src/matchpathcon.c
@@ -524,8 +524,10 @@ int selinux_file_context_verify(const char *path, mode_t mode)
 return 0;
 }
 
- if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0))
+ if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0)){
+ freecon(con);
 return -1;
+ }
 
 if (selabel_lookup_raw(hnd, &fcontext, path, mode) != 0) {
 if (errno != ENOENT)
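Review bot: The added opening brace in `< 0)){` has no space before it, which departs from the K&R spacing used on the neighbouring `if (selabel_lookup_raw(...) != 0) {` line; it should read `if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0)) {`. The `freecon(con);` itself is the right fix for the reported leak, but it runs after the failed `matchpathcon_init_prefix()` call and before the caller can read `errno`; if callers are expected to inspect `errno` on the -1 return, preserving it around the free (`int saved_errno = errno; freecon(con); errno = saved_errno;`) would be safer, though whether any caller relies on that cannot be confirmed from this hunk. `selinux_file_context_verify` starts and ends outside the hunk, so its other exit paths and their handling of `con` are not visible here; if the function already frees `con` and `fcontext` at a common tail, a `goto` to that cleanup label would keep the ownership of `con` in one place rather than adding a per-exit `freecon`.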