[apparmor] [patch] fix log parsing memory leaks

Steve Beattie steve at nxnw.org
Fri Jul 11 22:24:29 UTC 2014


This patch fixes some memory leaks in the libapparmor log parsing functions,
specifically around handling records obtained from syslog and records
containing network addresses.

Bug: https://bugs.launchpad.net/bugs/1340927
Signed-off-by: Steve Beattie <steve at nxnw.org>
---
 libraries/libapparmor/src/grammar.y       |   16 +++++++++-------
 libraries/libapparmor/src/libaalogparse.c |    4 ++++
 2 files changed, 13 insertions(+), 7 deletions(-)

Index: b/libraries/libapparmor/src/grammar.y
===================================================================
--- a/libraries/libapparmor/src/grammar.y
+++ b/libraries/libapparmor/src/grammar.y
@@ -196,15 +196,15 @@ other_audit: TOK_TYPE_OTHER audit_msg TO
 
 syslog_type:
 	  syslog_date TOK_ID TOK_SYSLOG_KERNEL audit_id key_list
-	  { ret_record->version = AA_RECORD_SYNTAX_V2; }
+	  { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
 	| syslog_date TOK_ID TOK_SYSLOG_KERNEL key_type audit_id key_list
-	  { ret_record->version = AA_RECORD_SYNTAX_V2; }
+	  { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
 	| syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP audit_id key_list
-	  { ret_record->version = AA_RECORD_SYNTAX_V2; }
+	  { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); }
 	| syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP key_type audit_id key_list
-	  { ret_record->version = AA_RECORD_SYNTAX_V2; }
+	  { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); }
 	| syslog_date TOK_ID TOK_SYSLOG_USER key_list
-	  { ret_record->version = AA_RECORD_SYNTAX_V2; }
+	  { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
 	;
 
 /* when audit dispatches a message it doesn't prepend the audit type string */
@@ -229,8 +229,10 @@ audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_A
 		free($7);
 	} ;
 
-syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME { /* do nothing? */ }
-	| TOK_DATE TOK_TIME { /* do nothing */ }
+syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME
+		{ free($1); free($3); /* do nothing */ }
+	| TOK_DATE TOK_TIME
+		{ free($1); free($2); /* do nothing */ }
 	;
 
 key_list: key
Index: b/libraries/libapparmor/src/libaalogparse.c
===================================================================
--- a/libraries/libapparmor/src/libaalogparse.c
+++ b/libraries/libapparmor/src/libaalogparse.c
@@ -81,6 +81,10 @@ void free_record(aa_log_record *record)
 			free(record->net_protocol);
 		if (record->net_sock_type != NULL)
 			free(record->net_sock_type);
+		if (record->net_local_addr != NULL)
+			free(record->net_local_addr);
+		if (record->net_foreign_addr != NULL)
+			free(record->net_foreign_addr);
 		if (record->dbus_bus != NULL)
 			free(record->dbus_bus);
 		if (record->dbus_path != NULL)

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140711/6598ddcb/attachment.pgp>


More information about the AppArmor mailing list