Date: Wed, 31 Jan 2007 22:00:03 +0800 From: "Liu Jian" <gjk.liu@gmail.com> To: trustedbsd-discuss@FreeBSD.org Subject: memory leak in libselinux Message-ID: <8c2dc7030701310600j536744e0h6712aae77f51a394@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Dear All,
We have found a memory leak in libselinux. The following is the
function "fsetfilecon_raw" in "setfilecon.c" with comments added by
myself.
int setfilecon_raw(const char *path, security_context_t context)
{
mac_t mac;
char tmp[strlen(context) + strlen("sebsd/0")];
int r;
if (mac_prepare(&mac, "sebsd")) //malloc(sizeof(**mac)) is
called firstly in mac_prepare
return -1;
strcpy(tmp, "sebsd/");
strcat(tmp, context);
if (mac_from_text(&mac, tmp)) { //malloc(sizeof(**mac)) is
called secondly in mac_prepare
mac_free(mac); // moreover,
the first malloced mac is lost.
return -1;
}
r = mac_set_file(path, mac);
mac_free(mac);
return r;
}
As the program shows that a mac is firstly malloced at mac_prepare
(here, pls refer the defintion of mac_prepare in mac.c at libc), and
after that a new malloc(sizeof(**mac)) is called in
mac_from_text(also pls refer to mac.c at libc). Moreover, the first
malloced mac is lost here and memory leak occurs.
The same situation also appears in "setcon.c, lsetfilecon.c,
setexeccon.c and setfilescon.c".
This memory leak will suck a lots when runing setfiles program.
by Liu Jian
----------
email to: GJK.Liu@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8c2dc7030701310600j536744e0h6712aae77f51a394>