From 3218a24ad0b4787055aa665e3a33004e506d2402 Mon Sep 17 00:00:00 2001
From: John Johansen <john.johansen@canonical.com>
Date: Wed, 15 Nov 2017 15:25:30 -0800
Subject: [PATCH] apparmor: fix leak of null profile name if profile allocation  fails
References: bsc#1071057
Git-commit: 4633307e5ed6128975595df43f796a10c41d11c1
Patch-mainline: v4.15-rc1

Fixes: d07881d2edb0 ("apparmor: move new_null_profile to after profile lookup fns()")
Reported-by: Seth Arnold <seth.arnold@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
---
 security/apparmor/policy.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index ea8acc9fcfda..877983014b5b 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -503,7 +503,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, bool hat,
 {
 	struct aa_profile *p, *profile;
 	const char *bname;
-	char *name;
+	char *name = NULL;
 
 	AA_BUG(!parent);
 
@@ -563,6 +563,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, bool hat,
 	return profile;
 
 fail:
+	kfree(name);
 	aa_free_profile(profile);
 	return NULL;
 }
-- 
2.14.2