mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

Merge Fix use-after-free of 'name' in parser_regex.c

Browse Source 
'name' gets used in the error message. Make sure it only gets freed
afterwards.

This bug was introduced in be0d2fa947 /
https://gitlab.com/apparmor/apparmor/-/merge_requests/727

Fixes coverity CID 254465:  Memory - illegal accesses  (USE_AFTER_FREE)

I propose this fix for 3.0..master.

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1040
Approved-by: Georgia Garcia <georgia.garcia@canonical.com>
Merged-by: John Johansen <john@jjmx.net>
(cherry picked from commit 8d6358fa6d)
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
2023-05-29 22:38:17 +00:00
committed by John Johansen
parent 3bba4eeb20
commit 2b980348a6
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
parser/parser_regex.c
View File

@@ -486,13 +486,18 @@ static int process_profile_name_xmatch(Profile *prof)
&prof->xmatch_len);
if (ptype == ePatternBasic)
prof->xmatch_len = strlen(name);
if (!prof->attachment)
free(name);
if (ptype == ePatternInvalid) {
PERROR(_("%s: Invalid profile name '%s' - bad regular expression\n"), progname, name);
if (!prof->attachment)
free(name);
return FALSE;
} else if (ptype == ePatternBasic && !(prof->altnames || prof->attachment || prof->xattrs.list)) {
}
if (!prof->attachment)
free(name);
if (ptype == ePatternBasic && !(prof->altnames || prof->attachment || prof->xattrs.list)) {
/* no regex so do not set xmatch */
prof->xmatch = NULL;
prof->xmatch_len = 0;