diff options
| author | Bernard Zhao <bernard@vivo.com> | 2021-12-10 15:03:58 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-01-27 13:03:43 +0300 |
| commit | 3a45c47034918d5496e37eb3e2ffae9a1f30b7af (patch) | |
| tree | 7d53ace57774c623d96796115076d53f8037e63e /security | |
| parent | 7be5c25e31556f44bf7c4a2079184dcc93768c5d (diff) | |
| download | linux-3a45c47034918d5496e37eb3e2ffae9a1f30b7af.tar.xz | |
selinux: fix potential memleak in selinux_add_opt()
[ Upstream commit 2e08df3c7c4e4e74e3dd5104c100f0bf6288aaa8 ]
This patch try to fix potential memleak in error branch.
Fixes: ba6418623385 ("selinux: new helper - selinux_add_opt()")
Signed-off-by: Bernard Zhao <bernard@vivo.com>
[PM: tweak the subject line, add Fixes tag]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/selinux/hooks.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9309e62d46ed..baa12d1007c7 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -987,18 +987,22 @@ out: static int selinux_add_opt(int token, const char *s, void **mnt_opts) { struct selinux_mnt_opts *opts = *mnt_opts; + bool is_alloc_opts = false; if (token == Opt_seclabel) /* eaten and completely ignored */ return 0; + if (!s) + return -ENOMEM; + if (!opts) { opts = kzalloc(sizeof(struct selinux_mnt_opts), GFP_KERNEL); if (!opts) return -ENOMEM; *mnt_opts = opts; + is_alloc_opts = true; } - if (!s) - return -ENOMEM; + switch (token) { case Opt_context: if (opts->context || opts->defcontext) @@ -1023,6 +1027,10 @@ static int selinux_add_opt(int token, const char *s, void **mnt_opts) } return 0; Einval: + if (is_alloc_opts) { + kfree(opts); + *mnt_opts = NULL; + } pr_warn(SEL_MOUNT_FAIL_MSG); return -EINVAL; } |