This patch fixes some memory leaks in the libapparmor log parsing functions, specifically around handling records obtained from syslog and records containing network addresses.
Bug: https://bugs.launchpad.net/bugs/1340927 Signed-off-by: Steve Beattie <st...@nxnw.org> --- libraries/libapparmor/src/grammar.y | 16 +++++++++------- libraries/libapparmor/src/libaalogparse.c | 4 ++++ 2 files changed, 13 insertions(+), 7 deletions(-) Index: b/libraries/libapparmor/src/grammar.y =================================================================== --- a/libraries/libapparmor/src/grammar.y +++ b/libraries/libapparmor/src/grammar.y @@ -196,15 +196,15 @@ other_audit: TOK_TYPE_OTHER audit_msg TO syslog_type: syslog_date TOK_ID TOK_SYSLOG_KERNEL audit_id key_list - { ret_record->version = AA_RECORD_SYNTAX_V2; } + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); } | syslog_date TOK_ID TOK_SYSLOG_KERNEL key_type audit_id key_list - { ret_record->version = AA_RECORD_SYNTAX_V2; } + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); } | syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP audit_id key_list - { ret_record->version = AA_RECORD_SYNTAX_V2; } + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); } | syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP key_type audit_id key_list - { ret_record->version = AA_RECORD_SYNTAX_V2; } + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); } | syslog_date TOK_ID TOK_SYSLOG_USER key_list - { ret_record->version = AA_RECORD_SYNTAX_V2; } + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); } ; /* when audit dispatches a message it doesn't prepend the audit type string */ @@ -229,8 +229,10 @@ audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_A free($7); } ; -syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME { /* do nothing? */ } - | TOK_DATE TOK_TIME { /* do nothing */ } +syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME + { free($1); free($3); /* do nothing */ } + | TOK_DATE TOK_TIME + { free($1); free($2); /* do nothing */ } ; key_list: key Index: b/libraries/libapparmor/src/libaalogparse.c =================================================================== --- a/libraries/libapparmor/src/libaalogparse.c +++ b/libraries/libapparmor/src/libaalogparse.c @@ -81,6 +81,10 @@ void free_record(aa_log_record *record) free(record->net_protocol); if (record->net_sock_type != NULL) free(record->net_sock_type); + if (record->net_local_addr != NULL) + free(record->net_local_addr); + if (record->net_foreign_addr != NULL) + free(record->net_foreign_addr); if (record->dbus_bus != NULL) free(record->dbus_bus); if (record->dbus_path != NULL) -- Steve Beattie <sbeat...@ubuntu.com> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor