diff --git a/backport-selinux-free-memory-in-error-branch.patch b/backport-selinux-free-memory-in-error-branch.patch
new file mode 100644
index 0000000000000000000000000000000000000000..cf511070f006d80a38067f12914181f247c65a4b
--- /dev/null
+++ b/backport-selinux-free-memory-in-error-branch.patch
@@ -0,0 +1,92 @@
+From 48f66b6aaad256cf196754cf96fb331773a6e5d4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?=
+Date: Fri, 18 Oct 2024 17:12:58 +0200
+Subject: [PATCH] selinux: free memory in error branch
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Free the allocated line if it fails to parse via process_line() for the
+X or media database.
+
+Also declare the line_buf parameter of process_line() const, so it is
+more obvious it is not modified or free'd.
+
+Reported-by: clang-analyzer
+Signed-off-by: Christian Göttsche
+Acked-by: James Carter
+---
+ src/label_media.c | 6 +++---
+ src/label_x.c | 6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/label_media.c b/src/label_media.c
+index bae065c12a..d535ef8601 100644
+--- a/src/label_media.c
++++ b/src/label_media.c
+@@ -30,12 +30,12 @@ struct saved_data {
+ spec_t *spec_arr;
+ };
+
+-static int process_line(const char *path, char *line_buf, int pass,
++static int process_line(const char *path, const char *line_buf, int pass,
+ unsigned lineno, struct selabel_handle *rec)
+ {
+ struct saved_data *data = (struct saved_data *)rec->data;
+ int items;
+- char *buf_p;
++ const char *buf_p;
+ char *key, *context;
+
+ buf_p = line_buf;
+@@ -145,7 +145,6 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
+ rewind(fp);
+ }
+ }
+- free(line_buf);
+
+ status = digest_add_specfile(rec->digest, fp, NULL, sb.st_size, path);
+ if (status)
+@@ -154,6 +153,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
+ digest_gen_hash(rec->digest);
+
+ finish:
++ free(line_buf);
+ fclose(fp);
+ return status;
+ }
+diff --git a/src/label_x.c b/src/label_x.c
+index ddae4f6c22..c0d1d4752a 100644
+--- a/src/label_x.c
++++ b/src/label_x.c
+@@ -32,12 +32,12 @@ struct saved_data {
+ spec_t *spec_arr;
+ };
+
+-static int process_line(const char *path, char *line_buf, int pass,
++static int process_line(const char *path, const char *line_buf, int pass,
+ unsigned lineno, struct selabel_handle *rec)
+ {
+ struct saved_data *data = (struct saved_data *)rec->data;
+ int items;
+- char *buf_p;
++ const char *buf_p;
+ char *type, *key, *context;
+
+ buf_p = line_buf;
+@@ -172,7 +172,6 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
+ rewind(fp);
+ }
+ }
+- free(line_buf);
+
+ status = digest_add_specfile(rec->digest, fp, NULL, sb.st_size, path);
+ if (status)
+@@ -181,6 +180,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
+ digest_gen_hash(rec->digest);
+
+ finish:
++ free(line_buf);
+ fclose(fp);
+ return status;
+ }
diff --git a/libselinux.spec b/libselinux.spec
index e9cfba3f68aede973219b0dbed9ce406d2c352e8..b057e42207c168e7d5cfc4ad71509cad2c2e2aaf 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -3,7 +3,7 @@ Name: libselinux Version: 3.3 -Release: 8 +Release: 9 License: Public Domain Summary: SELinux library and simple utilities Url: https://github.com/SELinuxProject/selinux/wiki
@@ -50,6 +50,7 @@ Patch6037: backport-libselinux-set-free-d-data-to-NULL.patch Patch6038: backport-libselinux-matchpathcon-RESOURCE_LEAK-Variable-con.patch Patch6039: backport-libselinux-Close-old-selabel-handle-when-setting-a-n.patch Patch6040: backport-libselinux-initialize-regex-arch-string-in-a-thread-.patch +Patch6041: backport-selinux-free-memory-in-error-branch.patch Patch9000: do-malloc-trim-after-load-policy.patch
@@ -170,6 +171,9 @@ mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist %{_mandir}/ru/man8/* %changelog +* Mon Sep 01 2025 yanglongkang - 3.3-9 +- backport upstream patches + * Thu Aug 14 2025 hugel - 3.3-8 - backport upstream patches
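Review bot: Moving `free(line_buf)` under the `finish:` label in both init() functions makes it run on every early `goto finish`, so it is only safe if `line_buf` is NULL-initialized at its declaration before the first such jump; that declaration is outside the hunk, and since this is a backport onto 3.3 rather than the tree the upstream commit was written against, it should be confirmed in the 3.3 copies of src/label_media.c and src/label_x.c before merging. If it is not NULL-initialized there, an early failure before getline() assigns it would free an indeterminate pointer, which is worse than the leak being fixed. Both init() bodies begin outside the hunk; only their tail is visible here.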
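Review bot: Only the `Patch6041:` tag is added here; whether the %prep section actually applies it (an `%autosetup`/`%autopatch` invocation or an explicit `%patch` line) is not visible in this hunk and should be confirmed, otherwise the Release bump and changelog entry claim a fix that is not built in. As a point of naming, the neighbouring patches use the `backport-libselinux-` prefix while this one is `backport-selinux-`; keeping the prefix consistent makes the patch list easier to scan.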