From 3218a24ad0b4787055aa665e3a33004e506d2402 Mon Sep 17 00:00:00 2001
From: John Johansen <john.johansen@canonical.com>
Date: Wed, 15 Nov 2017 15:25:30 -0800
Subject: [PATCH] apparmor: fix leak of null profile name if profile allocation fails
References: bsc#1071057
Git-commit: 4633307e5ed6128975595df43f796a10c41d11c1
Patch-mainline: v4.15-rc1
Fixes: d07881d2edb0 ("apparmor: move new_null_profile to after profile lookup fns()")
Reported-by: Seth Arnold <seth.arnold@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
---
security/apparmor/policy.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index ea8acc9fcfda..877983014b5b 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -503,7 +503,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, bool hat,
{
struct aa_profile *p, *profile;
const char *bname;
- char *name;
+ char *name = NULL;
AA_BUG(!parent);
@@ -563,6 +563,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, bool hat,
return profile;
fail:
+ kfree(name);
aa_free_profile(profile);
return NULL;
}
--
2.14.2