[PATCH] KEYS: fix memory leak when reading certificate fails

Dongliang Mu mudongliangabcd at gmail.com
Thu Mar 3 12:02:44 UTC 2022


On Thu, Mar 3, 2022 at 7:49 PM Denis Glazkov <d.glazkov at omp.ru> wrote:
>
> In the `read_file` function of `insert-sys-cert.c` script, if
> the data is read incorrectly, the memory allocated for the `buf`
> array is not freed.
>
> Fixes: c4c361059585 ("KEYS: Reserve an extra certificate symbol for inserting without recompiling")
> Signed-off-by: Denis Glazkov <d.glazkov at omp.ru>
> ---
>  scripts/insert-sys-cert.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/scripts/insert-sys-cert.c b/scripts/insert-sys-cert.c
> index 8902836c2342..b98a0b12f16f 100644
> --- a/scripts/insert-sys-cert.c
> +++ b/scripts/insert-sys-cert.c
> @@ -251,6 +251,7 @@ static char *read_file(char *file_name, int *size)
>         if (read(fd, buf, *size) != *size) {
>                 perror("File read failed");
>                 close(fd);
> +               free(buf);
>                 return NULL;
>         }
>         close(fd);

Hi Denis,

There is another issue related to variable buf. On the success path,
buf will be assigned to variable cert in the main function. And cert
is not free when the main function exits.

> --
> 2.25.1



More information about the Linux-security-module-archive mailing list