Skip to content

Commit

Permalink
libsepol/cil: free nlmsg hashtable on error
Browse files Browse the repository at this point in the history 
Free the hashtable for nlmsg xperm rules similar to the ioctl hashtable.

Fixes: 1fd41f4 ("libsepol/cil: add support for xperms in conditional policies")
Reported-by: oss-fuzz (issue 388376332)
Signed-off-by: Christian Göttsche <[email protected]>
Acked-by: James Carter <[email protected]>
  • Loading branch information
@cgzones @bachradsusi
cgzones authored and bachradsusi committed Jan 15, 2025
1 parent d13d13e commit 4dd442f
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions libsepol/cil/src/cil_binary.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2616,6 +2616,8 @@ int cil_booleanif_to_policydb(policydb_t *pdb, const struct cil_db *db, struct c
return SEPOL_OK;

exit:
hashtab_map(avrulex_nlmsg_table, __cil_avrulex_xperm_destroy, NULL);
hashtab_destroy(avrulex_nlmsg_table);
hashtab_map(avrulex_ioctl_table, __cil_avrulex_xperm_destroy, NULL);
hashtab_destroy(avrulex_ioctl_table);
if (tmp_cond) {
Expand Down

0 comments on commit 4dd442f

Please sign in to comment.