pam_namespace: free SELinux context on error path - pam.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Iker Pedrosa <ipedrosa@redhat.com>	2024-05-22 12:29:07 +0200
committer	Dmitry V. Levin <ldv@strace.io>	2024-05-23 10:25:09 +0000
commit	bd2f695b3d89efe0c52bba975f9540634125178a (patch)
tree	d23aa3a32bf70587493c38f336b6ee7003c2c0d4 /libpamc
parent	667204d7e3e4a0341c529f7566d62dd64dd80866 (diff)
download	pam-bd2f695b3d89efe0c52bba975f9540634125178a.tar.gz pam-bd2f695b3d89efe0c52bba975f9540634125178a.tar.bz2 pam-bd2f695b3d89efe0c52bba975f9540634125178a.zip

pam_namespace: free SELinux context on error path

* modules/pam_namespace/pam_namespace.c (create_polydir) [WITH_SELINUX]: Free SELinux context in case of an error. ``` Error: RESOURCE_LEAK (CWE-772): Linux-PAM-1.6.0/modules/pam_namespace/pam_namespace.c:1433: alloc_arg: "getfscreatecon_raw" allocates memory that is stored into "oldcon_raw". Linux-PAM-1.6.0/modules/pam_namespace/pam_namespace.c:1462: leaked_storage: Variable "oldcon_raw" going out of scope leaks the storage it points to. 1460| pam_syslog(idata->pamh, LOG_ERR, 1461| "Error creating directory %s: %m", dir); 1462|-> return PAM_SESSION_ERR; 1463| } 1464| ``` Resolves: https://issues.redhat.com/browse/RHEL-36475 Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

Diffstat (limited to 'libpamc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: