[PATCH] KEYS: fix memory leak when reading certificate fails
Dongliang Mu
mudongliangabcd at gmail.com
Thu Mar 3 12:02:44 UTC 2022
On Thu, Mar 3, 2022 at 7:49 PM Denis Glazkov <d.glazkov at omp.ru> wrote:
>
> In the `read_file` function of `insert-sys-cert.c` script, if
> the data is read incorrectly, the memory allocated for the `buf`
> array is not freed.
>
> Fixes: c4c361059585 ("KEYS: Reserve an extra certificate symbol for inserting without recompiling")
> Signed-off-by: Denis Glazkov <d.glazkov at omp.ru>
> ---
> scripts/insert-sys-cert.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/scripts/insert-sys-cert.c b/scripts/insert-sys-cert.c
> index 8902836c2342..b98a0b12f16f 100644
> --- a/scripts/insert-sys-cert.c
> +++ b/scripts/insert-sys-cert.c
> @@ -251,6 +251,7 @@ static char *read_file(char *file_name, int *size)
> if (read(fd, buf, *size) != *size) {
> perror("File read failed");
> close(fd);
> + free(buf);
> return NULL;
> }
> close(fd);
Hi Denis,
There is another issue related to variable buf. On the success path,
buf will be assigned to variable cert in the main function. And cert
is not free when the main function exits.
> --
> 2.25.1
More information about the Linux-security-module-archive
mailing list