apparmor: fix leak of null profile name if profile allocation fails
authorJohn Johansen <john.johansen@canonical.com>
Wed, 15 Nov 2017 23:25:30 +0000 (15:25 -0800)
committerJohn Johansen <john.johansen@canonical.com>
Tue, 21 Nov 2017 10:17:13 +0000 (02:17 -0800)
Fixes: d07881d2edb0 ("apparmor: move new_null_profile to after profile lookup fns()")
Reported-by: Seth Arnold <seth.arnold@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/policy.c

index 4243b0c3f0e4acc6d66c70ea878f32d548bebdd4..586b249d3b46a14a3901800b5315eacd2467a01d 100644 (file)
@@ -502,7 +502,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, bool hat,
 {
        struct aa_profile *p, *profile;
        const char *bname;
-       char *name;
+       char *name = NULL;
 
        AA_BUG(!parent);
 
@@ -562,6 +562,7 @@ out:
        return profile;
 
 fail:
+       kfree(name);
        aa_free_profile(profile);
        return NULL;
 }