Gitiles
Code Review Sign In
review.blissroms.org / platform_external_selinux / 9feaf0380db5872a3120f537b0a26627d179bcec
commit9feaf0380db5872a3120f537b0a26627d179bcec[log] [tgz]
authorNicolas Iooss <nicolas.iooss@m4x.org>Sun Feb 19 11:30:57 2017 +0100
committerJames Carter <jwcart2@tycho.nsa.gov>Tue Feb 21 13:09:44 2017 -0500
treef44afbf22ae64e1aaad232d52ad6edb72f054b20
parent602385d70c769f2f65166079ae588957bc384030 [diff]
libsepol/cil: do not leak left-hand side of an invalid constraint

__cil_fill_constraint_expr() does not destroy the list associated with
the first operand of a two-operand operation when the second operand is
invalid.

This memory leak can be reproduced with the following policy:

    (constrain (files (read))
        (not (or (and (eq t1 exec_t) (%q t2 bin_t)) (eq r1 r2))))

This memory leak has been found by running clang's Address Sanitizer on
a set of policies generated from secilc/test/policy.cil by American
Fuzzy Lop.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
1 file changed
tree: f44afbf22ae64e1aaad232d52ad6edb72f054b20
  1. checkpolicy/
  2. dbus/
  3. gui/
  4. libselinux/
  5. libsemanage/
  6. libsepol/
  7. mcstrans/
  8. policycoreutils/
  9. python/
  10. restorecond/
  11. sandbox/
  12. scripts/
  13. secilc/
  14. semodule-utils/
  15. .gitignore
  16. .travis.yml
  17. CleanSpec.mk
  18. Makefile
  19. README