On Thu, Jul 2, 2026 at 9:53 PM Wang Yan <[email protected]> wrote:
>
> The calloc-allocated buffer in attr_lsm_count() is never released on
> any exit path, including both the normal return path and the early
> return when read_sysfs_lsms fails, resulting in a heap memory leak.
>
> Add free() for the buffer on all return branches to fix the leak.
>
> Fixes: d3d929a8b0cd ("LSM: selftests for Linux Security Module syscalls")
> Signed-off-by: Wang Yan <[email protected]>
> ---
> tools/testing/selftests/lsm/common.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/tools/testing/selftests/lsm/common.c
> b/tools/testing/selftests/lsm/common.c
> index 9ad258912646..4fa8310750a0 100644
> --- a/tools/testing/selftests/lsm/common.c
> +++ b/tools/testing/selftests/lsm/common.c
> @@ -76,6 +76,7 @@ int attr_lsm_count(void)
> return 0;
>
> if (read_sysfs_lsms(names, sysconf(_SC_PAGESIZE)))
> + free(names);
> return 0;
Did you test this, let alone even compile it? All the C code after
this return is dead code.
Please ensure that you test and compile your patches checking for
warnings. Sending
untested patches is "spammy".
>
> if (strstr(names, "selinux"))
> @@ -85,5 +86,6 @@ int attr_lsm_count(void)
> if (strstr(names, "apparmor"))
> count++;
>
> + free(names);
Do this instead:
if (read_sysfs_lsms(names, sysconf(_SC_PAGESIZE)))
goto out;
<existing code>
out:
free(names);
> return count;
> }
> --
> 2.25.1
>
>