diff options
| author | Jim Meyering <meyering@redhat.com> | 2011-11-08 19:03:39 +0100 |
|---|---|---|
| committer | Jim Meyering <meyering@redhat.com> | 2011-11-12 10:22:55 +0100 |
| commit | f8245e96cd11756cce8f47ded4459f3c170cd2e3 (patch) | |
| tree | 803b6469b73a34a8a91e70d60d3e8d3dab37bba5 /src | |
| parent | 91a5badc7b8b96916147f28b1d094af98efa5aa7 (diff) | |
| download | coreutils-f8245e96cd11756cce8f47ded4459f3c170cd2e3.tar.xz | |
ls: plug a per-argument leak
Using ls -l on an SELinux-enabled system would leak one SELinux
context string per non-empty-directory command-line argument.
* src/ls.c (free_ent): New function, factored out of...
(clear_files): ...here. Use it.
(extract_dirs_from_files): Call free_ent (f), rather than simply
free (f->name). The latter failed to free the possibly-malloc'd
linkname and scontext members, and thus could leak one of those
strings per command-line argument.
* THANKS.in: Update.
* NEWS (Bug fixes): Mention it.
Reported by Juraj Marko in http://bugzilla.redhat.com/751974.
Diffstat (limited to 'src')
| -rw-r--r-- | src/ls.c | 17 |
1 files changed, 11 insertions, 6 deletions
@@ -2715,8 +2715,16 @@ has_capability (char const *name ATTRIBUTE_UNUSED) /* Enter and remove entries in the table `cwd_file'. */ -/* Empty the table of files. */ +static void +free_ent (struct fileinfo *f) +{ + free (f->name); + free (f->linkname); + if (f->scontext != UNKNOWN_SECURITY_CONTEXT) + freecon (f->scontext); +} +/* Empty the table of files. */ static void clear_files (void) { @@ -2725,10 +2733,7 @@ clear_files (void) for (i = 0; i < cwd_n_used; i++) { struct fileinfo *f = sorted_file[i]; - free (f->name); - free (f->linkname); - if (f->scontext != UNKNOWN_SECURITY_CONTEXT) - freecon (f->scontext); + free_ent (f); } cwd_n_used = 0; @@ -3164,7 +3169,7 @@ extract_dirs_from_files (char const *dirname, bool command_line_arg) free (name); } if (f->filetype == arg_directory) - free (f->name); + free_ent (f); } } |