[apparmor] Memory leaks in parser/parser_regex.c (at least)

Seth Arnold seth.arnold at canonical.com
Thu Aug 27 22:31:44 UTC 2015


On Thu, Aug 27, 2015 at 01:44:58PM -0700, Steve Beattie wrote:
> It looks like the parser never drops it's reference to the policy cache
> object. This patch looks to fix the issue:
> 
> Signed-off-by: Steve Beattie <steve at nxnw.org>
> ---
>  parser/parser_main.c |    1 +
>  1 file changed, 1 insertion(+)
> 
> Index: b/parser/parser_main.c
> ===================================================================
> --- a/parser/parser_main.c
> +++ b/parser/parser_main.c
> @@ -992,6 +992,7 @@ int main(int argc, char *argv[])
>  
>  	if (ofile)
>  		fclose(ofile);
> +	aa_policy_cache_unref(policy_cache);
>  
>  	return last_error;
>  }

While this patch does look correct in itself, I'm curious if this
means the aa_policy_cache_unref() function has not been as tested as
we thought -- it might not have been run in production if it hasn't
been used here.  The other uses look conditional -- and perhaps only in
uncommon situations.

Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150827/3f5a9847/attachment-0001.pgp>


More information about the AppArmor mailing list