[apparmor] PATCH [3/3] - Fix leaking of screened logged messages

John Johansen john.johansen at canonical.com
Thu Sep 9 17:50:02 BST 2010


On 09/09/2010 09:24 AM, Jamie Strandboge wrote:
> On Thu, 2010-09-09 at 09:09 -0700, John Johansen wrote:
>> AppArmor notify is not freeing up messages that are not reported
>>
>> Index: utils/apparmor_notify
>> ===================================================================
>> --- utils.orig/apparmor_notify	2010-09-09 08:50:27.684193402 -0700
>> +++ utils/apparmor_notify	2010-09-09 08:51:27.634191991 -0700
>> @@ -224,14 +224,14 @@
>>      my $since = 0;
>>      if (defined($date) and $#params > 0 and $params[1] =~ /^[0-9]+$/) {
>>          $since = int($params[1]);
>> -        int($date) >= $since or return ();
>> +        int($date) >= $since or goto err;
>>      }
>>  
>>      # ignore all but status and denied messages
>>      my $type = LibAppArmor::aa_log_record::swig_event_get($test);
>>  
>>      $type == $LibAppArmor::AA_RECORD_DENIED ||
>> -    $type == $LibAppArmor::AA_RECORD_STATUS or return ();
>> +    $type == $LibAppArmor::AA_RECORD_STATUS or goto err;
>>  
>>      my $profile = LibAppArmor::aa_log_record::swig_profile_get($test);
>>      my $operation = LibAppArmor::aa_log_record::swig_operation_get($test);
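Review bot: The label targeted by the two `goto err` exits (the date check and the event-type check) is named as an error path, but both are ordinary filter decisions on a well-formed record. A name such as `out` or `skip` would describe what happens. Since the hunk starts at line 224, it is also worth confirming that no earlier `return ()` in this sub runs after `$test` has been allocated, because that would leak in the same way.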
>> @@ -242,6 +242,10 @@
>>      LibAppArmorc::free_record($test);
>>  
>>      return ($profile, $operation, $name, $denied, $family, $sock_type, $date);
>> +
>> +err:
>> +    LibAppArmorc::free_record($test);
>> +    return ();
>>  }
>>  
>>  sub format_message {
>>
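Review bot: `LibAppArmorc::free_record($test)` is now written twice, once ahead of the successful `return` and once under `err:`, so any exit added to this sub later has to remember to reach one of them. The existing success path already returns the extracted values after the free, so a single exit is possible: keep the result in a list that is empty by default, fall through to one `free_record` call, and return the list. That also avoids `goto LABEL`, which is generally discouraged in Perl.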
> 
> Nice catch. ACK so long as we do this instead (based on feedback from
> patch 2/3 in this series):
> -    $type == $LibAppArmor::AA_RECORD_DENIED or return ();
> +    $type == $LibAppArmor::AA_RECORD_DENIED or goto err;
> 
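Review bot: With the test narrowed to `AA_RECORD_DENIED` only, the context comment `# ignore all but status and denied messages` directly above it no longer describes the check. Update that comment in the same change unless patch 2/3 already does.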

but of course, the patch won't apply without fixing that :)



