selinux: fix a possible memory leak in cond_read_node()

The cond_read_node() should free the given node on error path as it's not linked to p->cond_list yet. This is done via cond_node_destroy() but it's not called when next_entry() fails before the expr loop. Signed-off-by: Namhyung Kim <namhyung@kernel.org> Signed-off-by: Paul Moore <pmoore@redhat.com> Signed-off-by: Pranav Vashi <neobuddy89@gmail.com>
author: Namhyung Kim <namhyung@kernel.org> 2014-06-15 01:19:02 +0900
committer: Mister Oyster <oysterized@gmail.com> 2017-05-24 02:55:20 +0200
commit: 983b50c955c01182e809679f00d0e799d2177425 (patch)
tree: 3592409cf1e5c9a11a9b38e91e1dc76d32a6b2a6 /security/selinux
parent: 1d2dc9679e5719e1649335b22dec4daceeeb2dd1 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index d5d4d8316..456e1a9bc 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -405,7 +405,7 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp)
 
 	rc = next_entry(buf, fp, sizeof(u32) * 2);
 	if (rc)
-		return rc;
+		goto err;
 
 	node->cur_state = le32_to_cpu(buf[0]);
author	Namhyung Kim <namhyung@kernel.org>	2014-06-15 01:19:02 +0900
committer	Mister Oyster <oysterized@gmail.com>	2017-05-24 02:55:20 +0200
commit	983b50c955c01182e809679f00d0e799d2177425 (patch)
tree	3592409cf1e5c9a11a9b38e91e1dc76d32a6b2a6 /security/selinux
parent	1d2dc9679e5719e1649335b22dec4daceeeb2dd1 (diff)