mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

Bah, the whole using linux/socket.h get AF_* tokens versus sys/socket.h

Browse Source 
thing again. Fix to use the kernel's definition of AF_MAX in
linux/socket.h if it's larger than glibc's AF_MAX definition in
sys/socket.h and add a wrapper function so that we don't have include
af_names.h everywhere.

Also, fix memory leaks around the handling of network entries of
policies.
This commit is contained in:
Steve Beattie
2009-07-24 17:24:41 +00:00
parent 098598c98d
commit b8cde97ab7
6 changed files with 42 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
parser/parser_policy.c
View File

@@ -646,8 +646,8 @@ struct codomain *merge_policy(struct codomain *a, struct codomain *b)
a->set_caps = a->set_caps | b->set_caps;
if (a->network_allowed) {
int i;
for (i = 0; i < AF_MAX; i++) {
size_t i;
for (i = 0; i < get_af_max(); i++) {
a->network_allowed[i] |= b->network_allowed[i];
a->audit_network[i] |= b->audit_network[i];
a->deny_network[i] |= b->deny_network[i];
@@ -732,6 +732,14 @@ void free_policy(struct codomain *cod)
free(cod->name);
if (cod->namespace)
free(cod->namespace);
if (cod->network_allowed)
free(cod->network_allowed);
if (cod->audit_network)
free(cod->audit_network);
if (cod->deny_network)
free(cod->deny_network);
if (cod->quiet_network)
free(cod->quiet_network);
free(cod);
}