[apparmor] [patch] fix log parsing memory leaks

[Steve Beattie]

This patch fixes some memory leaks in the libapparmor log parsing functions,
specifically around handling records obtained from syslog and records
containing network addresses.

Bug: https://bugs.launchpad.net/bugs/1340927
Signed-off-by: Steve Beattie <st...@nxnw.org>
---
 libraries/libapparmor/src/grammar.y       |   16 +++++++++-------
 libraries/libapparmor/src/libaalogparse.c |    4 ++++
 2 files changed, 13 insertions(+), 7 deletions(-)

Index: b/libraries/libapparmor/src/grammar.y
===================================================================
--- a/libraries/libapparmor/src/grammar.y
+++ b/libraries/libapparmor/src/grammar.y
@@ -196,15 +196,15 @@ other_audit: TOK_TYPE_OTHER audit_msg TO
 
 syslog_type:
          syslog_date TOK_ID TOK_SYSLOG_KERNEL audit_id key_list
-         { ret_record->version = AA_RECORD_SYNTAX_V2; }
+         { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
        | syslog_date TOK_ID TOK_SYSLOG_KERNEL key_type audit_id key_list
-         { ret_record->version = AA_RECORD_SYNTAX_V2; }
+         { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
        | syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP audit_id key_list
-         { ret_record->version = AA_RECORD_SYNTAX_V2; }
+         { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); }
        | syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP key_type 
audit_id key_list
-         { ret_record->version = AA_RECORD_SYNTAX_V2; }
+         { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); }
        | syslog_date TOK_ID TOK_SYSLOG_USER key_list
-         { ret_record->version = AA_RECORD_SYNTAX_V2; }
+         { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
        ;
 
 /* when audit dispatches a message it doesn't prepend the audit type string */
@@ -229,8 +229,10 @@ audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_A
                free($7);
        } ;
 
-syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME { /* do nothing? */ }
-       | TOK_DATE TOK_TIME { /* do nothing */ }
+syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME
+               { free($1); free($3); /* do nothing */ }
+       | TOK_DATE TOK_TIME
+               { free($1); free($2); /* do nothing */ }
        ;
 
 key_list: key
Index: b/libraries/libapparmor/src/libaalogparse.c
===================================================================
--- a/libraries/libapparmor/src/libaalogparse.c
+++ b/libraries/libapparmor/src/libaalogparse.c
@@ -81,6 +81,10 @@ void free_record(aa_log_record *record)
                        free(record->net_protocol);
                if (record->net_sock_type != NULL)
                        free(record->net_sock_type);
+               if (record->net_local_addr != NULL)
+                       free(record->net_local_addr);
+               if (record->net_foreign_addr != NULL)
+                       free(record->net_foreign_addr);
                if (record->dbus_bus != NULL)
                        free(record->dbus_bus);
                if (record->dbus_path != NULL)

-- 
Steve Beattie
<sbeat...@ubuntu.com>
http://NxNW.org/~steve/

signature.asc
Description: Digital signature

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor