Commits

Alice Chu  committed b0e0162

Fix memory leak issues found by Klocwork

Change-Id: If324d424dc11df435c26b0da11e314c7608180f9

Comments (0)

Files changed (10)

File include/sepol/policydb/symtab.h

 } symtab_t;
 
 extern int symtab_init(symtab_t *, unsigned int size);
+extern void symtab_destroy(symtab_t *);
 
 #endif				/* _SYMTAB_H_ */
 

File src/expand.c

 	new_id = strdup(id);
 	if (!new_id) {
 		ERR(state->handle, "Out of memory!");
+		symtab_destroy(&new_common->permissions);
 		free(new_common);
 		return -1;
 	}
 			   (hashtab_datum_t *) new_common);
 	if (ret) {
 		ERR(state->handle, "hashtab overflow");
+		symtab_destroy(&new_common->permissions);
 		free(new_common);
 		free(new_id);
 		return -1;
 		new_id = strdup(id);
 		if (!new_id) {
 			ERR(state->handle, "Out of memory!");
+			free(new_role);
 			return -1;
 		}
 
 		new_id = strdup(id);
 		if (!new_id) {
 			ERR(state->handle, "Out of memory!");
+			free(new_user);
 			return -1;
 		}
 		ret = hashtab_insert(state->out->p_users.table,
 
 	if (cond_node_map_bools(state, tmp)) {
 		ERR(state->handle, "Error mapping booleans");
+		free(tmp);
 		return -1;
 	}
 
 		newgenfs->fstype = strdup(genfs->fstype);
 		if (!newgenfs->fstype) {
 			ERR(state->handle, "Out of memory!");
+			free(newgenfs);
 			return -1;
 		}
 
 			newc = malloc(sizeof(ocontext_t));
 			if (!newc) {
 				ERR(state->handle, "Out of memory!");
+				free(newgenfs->fstype);
+				free(newgenfs);
 				return -1;
 			}
 			memset(newc, 0, sizeof(ocontext_t));
 			newc->u.name = strdup(c->u.name);
 			if (!newc->u.name) {
 				ERR(state->handle, "Out of memory!");
+				free(newc);
+				free(newgenfs->fstype);
+				free(newgenfs);
 				return -1;
 			}
 			newc->v.sclass = c->v.sclass;

File src/genusers.c

 			ebitmap_init(&usrdatum->roles.roles);
 		} else {
 			char *id = strdup(q);
+			if (!id) {
+				ERR(NULL, "out of memory");
+				free(buffer);
+				fclose(fp);
+				return -1;
+			}
 
 			/* Adding a new user definition. */
 			usrdatum =
 			    (user_datum_t *) malloc(sizeof(user_datum_t));
-			if (!id || !usrdatum) {
+			if (!usrdatum) {
 				ERR(NULL, "out of memory");
 				free(buffer);
+				free(id);
 				fclose(fp);
 				return -1;
 			}
 					   id, (hashtab_datum_t) usrdatum)) {
 				ERR(NULL, "out of memory");
 				free(buffer);
+				free(id);
+				free(usrdatum);
 				fclose(fp);
 				return -1;
 			}

File src/hierarchy.c

 				args->numerr++;
 		}
 		cond_av_list_destroy(expl);
+		avtab_destroy(&expa);
 
 		/*
 		 * Check false condition
 			}
 			new_id = strdup(id);
 			if (new_id == NULL) {
+				symtab_destroy(&new_class->permissions);
 				ERR(state->handle, "Memory error\n");
 				ret = SEPOL_ERR;
 				goto err;
 					     (hashtab_key_t) new_id,
 					     (hashtab_datum_t) new_class);
 			if (ret) {
+				symtab_destroy(&new_class->permissions);
 				ERR(state->handle,
 				    "could not insert new class into symtab");
 				goto err;
 
 			if (new_rule->perms == NULL) {
 				new_rule->perms = new_perm;
-			} else {
+			} else if (tail_perm) {
 				tail_perm->next = new_perm;
 			}
 			tail_perm = new_perm;
 			new_decl->module_name = strdup(module->policy->name);
 			if (new_decl->module_name == NULL) {
 				ERR(state->handle, "Out of memory\n");
+				avrule_decl_destroy(new_decl);
 				ret = -1;
 				goto cleanup;
 			}
 
 		ret = copy_avrule_decl(state, module, decl, new_decl);
 		if (ret) {
+			avrule_decl_destroy(new_decl);
 			goto cleanup;
 		}
 

File src/policydb.c

 			 * decl chain in its correct order */
 			if (curblock->branch_list == NULL) {
 				curblock->branch_list = curdecl;
-			} else {
+			} else if (last_decl != NULL) {
 				last_decl->next = curdecl;
 			}
 			last_decl = curdecl;
 
 		if (*block == NULL) {
 			*block = curblock;
-		} else {
+		} else if (last_block != NULL) {
 			last_block->next = curblock;
 		}
 		last_block = curblock;

File src/policydb_convert.c

 	pf.handle = handle;
 
 	if (policydb_read(policydb, &pf, 0)) {
+		policydb_destroy(policydb);
 		ERR(handle, "policy image is invalid");
 		errno = EINVAL;
 		return STATUS_ERR;

File src/services.c

 		return -1;
 	}
 	if (policydb_read(&mypolicydb, &pf, 0)) {
+		policydb_destroy(&mypolicydb);
 		ERR(NULL, "can't read binary policy: %s", strerror(errno));
 		return -1;
 	}
 		return -ENOMEM;
 
 	if (policydb_read(&newpolicydb, fp, 1)) {
+		policydb_destroy(&newpolicydb);
 		return -EINVAL;
 	}
 

File src/symtab.c

 	return 0;
 }
 
+void symtab_destroy(symtab_t * s)
+{
+	if (!s)
+		return;
+	if (s->table)
+		hashtab_destroy(s->table);
+	return;
+}
 /* FLASK */
 	buf[0] = cpu_to_le32(key_len);
 	if (put_entry(buf, sizeof(*buf), 1, fp) != 1 ||
 	    put_entry(key, 1, key_len, fp) != key_len) {
+		free(dyn_buf);
 		return POLICYDB_ERROR;
 	}
 	buf[0] = cpu_to_le32(scope->scope);