[apparmor] PATCH [3/3] - Fix leaking of screened logged messages
John Johansen
john.johansen at canonical.com
Thu Sep 9 17:09:59 BST 2010
AppArmor notify is not freeing up messages that are not reported
Index: utils/apparmor_notify
===================================================================
--- utils.orig/apparmor_notify 2010-09-09 08:50:27.684193402 -0700
+++ utils/apparmor_notify 2010-09-09 08:51:27.634191991 -0700
@@ -224,14 +224,14 @@
my $since = 0;
if (defined($date) and $#params > 0 and $params[1] =~ /^[0-9]+$/) {
$since = int($params[1]);
- int($date) >= $since or return ();
+ int($date) >= $since or goto err;
}
# ignore all but status and denied messages
my $type = LibAppArmor::aa_log_record::swig_event_get($test);
$type == $LibAppArmor::AA_RECORD_DENIED ||
- $type == $LibAppArmor::AA_RECORD_STATUS or return ();
+ $type == $LibAppArmor::AA_RECORD_STATUS or goto err;
my $profile = LibAppArmor::aa_log_record::swig_profile_get($test);
my $operation = LibAppArmor::aa_log_record::swig_operation_get($test);
@@ -242,6 +242,10 @@
LibAppArmorc::free_record($test);
return ($profile, $operation, $name, $denied, $family, $sock_type, $date);
+
+err:
+ LibAppArmorc::free_record($test);
+ return ();
}
sub format_message {
More information about the AppArmor
mailing list