Author: rwatson
Date: Mon Jul 9 08:42:54 2012
New Revision: 238285
URL: http://svn.freebsd.org/changeset/base/238285
Log:
Merge r234032 from head to stable/9:
When allocation of labels on files is implicitly disabled due to MAC
policy configuration, avoid leaking resources following failed calls
to get and set MAC labels by file descriptor.
Reported by: Mateusz Guzik <mjguzik at gmail.com> + clang scan-build
Approved by: re (kib)
Modified:
stable/9/sys/security/mac/mac_syscalls.c
Directory Properties:
stable/9/sys/ (props changed)
Modified: stable/9/sys/security/mac/mac_syscalls.c
==============================================================================
--- stable/9/sys/security/mac/mac_syscalls.c Mon Jul 9 08:37:59 2012
(r238284)
+++ stable/9/sys/security/mac/mac_syscalls.c Mon Jul 9 08:42:54 2012
(r238285)
@@ -256,8 +256,10 @@ sys___mac_get_fd(struct thread *td, stru
switch (fp->f_type) {
case DTYPE_FIFO:
case DTYPE_VNODE:
- if (!(mac_labeled & MPC_OBJECT_VNODE))
- return (EINVAL);
+ if (!(mac_labeled & MPC_OBJECT_VNODE)) {
+ error = EINVAL;
+ goto out_fdrop;
+ }
vp = fp->f_vnode;
intlabel = mac_vnode_label_alloc();
vfslocked = VFS_LOCK_GIANT(vp->v_mount);
@@ -271,8 +273,10 @@ sys___mac_get_fd(struct thread *td, stru
break;
case DTYPE_PIPE:
- if (!(mac_labeled & MPC_OBJECT_PIPE))
- return (EINVAL);
+ if (!(mac_labeled & MPC_OBJECT_PIPE)) {
+ error = EINVAL;
+ goto out_fdrop;
+ }
pipe = fp->f_data;
intlabel = mac_pipe_label_alloc();
PIPE_LOCK(pipe);
@@ -284,8 +288,10 @@ sys___mac_get_fd(struct thread *td, stru
break;
case DTYPE_SOCKET:
- if (!(mac_labeled & MPC_OBJECT_SOCKET))
- return (EINVAL);
+ if (!(mac_labeled & MPC_OBJECT_SOCKET)) {
+ error = EINVAL;
+ goto out_fdrop;
+ }
so = fp->f_data;
intlabel = mac_socket_label_alloc(M_WAITOK);
SOCK_LOCK(so);
@@ -299,10 +305,10 @@ sys___mac_get_fd(struct thread *td, stru
default:
error = EINVAL;
}
- fdrop(fp, td);
if (error == 0)
error = copyout(buffer, mac.m_string, strlen(buffer)+1);
-
+out_fdrop:
+ fdrop(fp, td);
out:
free(buffer, M_MACTEMP);
free(elements, M_MACTEMP);
@@ -450,8 +456,10 @@ sys___mac_set_fd(struct thread *td, stru
switch (fp->f_type) {
case DTYPE_FIFO:
case DTYPE_VNODE:
- if (!(mac_labeled & MPC_OBJECT_VNODE))
- return (EINVAL);
+ if (!(mac_labeled & MPC_OBJECT_VNODE)) {
+ error = EINVAL;
+ goto out_fdrop;
+ }
intlabel = mac_vnode_label_alloc();
error = mac_vnode_internalize_label(intlabel, buffer);
if (error) {
@@ -475,8 +483,10 @@ sys___mac_set_fd(struct thread *td, stru
break;
case DTYPE_PIPE:
- if (!(mac_labeled & MPC_OBJECT_PIPE))
- return (EINVAL);
+ if (!(mac_labeled & MPC_OBJECT_PIPE)) {
+ error = EINVAL;
+ goto out_fdrop;
+ }
intlabel = mac_pipe_label_alloc();
error = mac_pipe_internalize_label(intlabel, buffer);
if (error == 0) {
@@ -490,8 +500,10 @@ sys___mac_set_fd(struct thread *td, stru
break;
case DTYPE_SOCKET:
- if (!(mac_labeled & MPC_OBJECT_SOCKET))
- return (EINVAL);
+ if (!(mac_labeled & MPC_OBJECT_SOCKET)) {
+ error = EINVAL;
+ goto out_fdrop;
+ }
intlabel = mac_socket_label_alloc(M_WAITOK);
error = mac_socket_internalize_label(intlabel, buffer);
if (error == 0) {
@@ -505,6 +517,7 @@ sys___mac_set_fd(struct thread *td, stru
default:
error = EINVAL;
}
+out_fdrop:
fdrop(fp, td);
out:
free(buffer, M_MACTEMP);
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
