diff options
author | csjp <csjp@FreeBSD.org> | 2008-05-27 14:18:02 +0000 |
---|---|---|
committer | csjp <csjp@FreeBSD.org> | 2008-05-27 14:18:02 +0000 |
commit | 6ccab77b96bed8c517a00f65a428da4d3865f6dc (patch) | |
tree | 5e8e86b52ed1bfc8d8ebe6a765f84055a63cfe1c /sys/security | |
parent | b2c0be3ce71740a6bff5561b0c05cff9501de630 (diff) | |
download | FreeBSD-src-6ccab77b96bed8c517a00f65a428da4d3865f6dc.zip FreeBSD-src-6ccab77b96bed8c517a00f65a428da4d3865f6dc.tar.gz |
Plug a memory leak which can occur when multiple MAC policies are loaded
which label mbufs. This leak can occur if one policy successfully allocates
label storage and subsequent allocations from other policies fail.
Spotted by: rwatson
MFC after: 1 week
Diffstat (limited to 'sys/security')
-rw-r--r-- | sys/security/mac/mac_inet.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/sys/security/mac/mac_inet.c b/sys/security/mac/mac_inet.c index cdf9b69..9356cd0 100644 --- a/sys/security/mac/mac_inet.c +++ b/sys/security/mac/mac_inet.c @@ -369,6 +369,10 @@ mac_syncache_init(struct label **label) * allocation failures back to the syncache code. */ MAC_CHECK(syncache_init_label, *label, M_NOWAIT); + if (error) { + MAC_PERFORM(syncache_destroy_label, *label); + mac_labelzone_free(*label); + } return (error); } |