[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 5/n] security: plug memory leak



2010/11/24 Eric Blake <eblake redhat com>:
> security_context_t happens to be a typedef for char*, and happens to
> begin with a string usable as a raw context string.  But in reality,
> it is an opaque type that may or may not have additional information
> after the first NUL byte, where that additional information can
> include pointers that can only be freed via freecon().
>
> Proof is from this valgrind run of daemon/libvirtd:
>
> ==6028== 839,169 (40 direct, 839,129 indirect) bytes in 1 blocks are definitely lost in loss record 274 of 274
> ==6028==    at 0x4A0515D: malloc (vg_replace_malloc.c:195)
> ==6028==    by 0x3022E0D48C: selabel_open (label.c:165)
> ==6028==    by 0x3022E11646: matchpathcon_init_prefix (matchpathcon.c:296)
> ==6028==    by 0x3022E1190D: matchpathcon (matchpathcon.c:317)
> ==6028==    by 0x4F9D842: SELinuxRestoreSecurityFileLabel (security_selinux.c:382)
>
> 800k is a lot of memory to be leaking.
>
> * src/security/security_selinux.c
> (SELinuxReserveSecurityLabel, SELinuxGetSecurityProcessLabel)
> (SELinuxRestoreSecurityFileLabel): Use correct function to free
> security_context_t.
>

ACK.

Matthias


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]