[CRIU] [PATCH] lsm: don't leak apparmor string in the case of "unconfined"
Tycho Andersen
tycho.andersen at canonical.com
Thu Dec 17 08:15:52 PST 2015
Noticed this when I was looking over the LSM code for Cyrill's task =>
thread creds set. We set this to null to save some work later, but we
forget to free it first.
Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
---
lsm.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/lsm.c b/lsm.c
index de40c7b..158caf0 100644
--- a/lsm.c
+++ b/lsm.c
@@ -53,8 +53,10 @@ static int apparmor_get_label(pid_t pid, char **profile_name)
* An "unconfined" value means there is no profile, so we don't need to
* worry about trying to restore one.
*/
- if (strcmp(*profile_name, "unconfined") == 0)
+ if (strcmp(*profile_name, "unconfined") == 0) {
+ free(*profile_name);
*profile_name = NULL;
+ }
return 0;
}
--
2.5.0
More information about the CRIU
mailing list