mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

parser: fix leaking disconnected paths when merging

Browse Source 
Valgrind showed that the disconnected paths variables were leaking
during the merge. That happened because flagvals did not implement a
destructor freeing the variables, so they leaked. flagvals cannot
implement a destructor, because that would make it a non-trivial union
member and parser_yacc.y would not compile. This patch implements a
"clear" function that is supposed to act as the destructor.

$ /usr/bin/valgrind --leak-check=full --error-exitcode=151 ../apparmor_parser -Q -I simple_tests/ -M ./features_files/features.all flags_ok_disconnected_ipc15.sd
...
==3708747== 5 bytes in 1 blocks are definitely lost in loss record 1 of 11
==3708747==    at 0x4846828: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3708747==    by 0x492E35E: strdup (strdup.c:42)
==3708747==    by 0x14C74E: set_disconnected_path (profile.h:188)
==3708747==    by 0x14C74E: flagvals::init(char const*) (profile.h:223)
==3708747==    by 0x14859B: yyparse() (parser_yacc.y:592)
==3708747==    by 0x141A99: process_profile(int, aa_kernel_interface*, char const*, aa_policy_cache*) (parser_main.c:1187)
==3708747==    by 0x135421: main (parser_main.c:1771)
...

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
This commit is contained in:
Georgia Garcia 2025-08-05 15:48:28 -03:00
parent fedcab2ad0
commit d9866f0a24
3 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
parser/parser_yacc.y
View File

@ -577,6 +577,7 @@ flags: opt_flags TOK_OPENPAREN flagvals TOK_CLOSEPAREN
flagvals: flagvals flagval flagvals: flagvals flagval
{ {
$1.merge($2); $1.merge($2);
$2.clear();
$$ = $1; $$ = $1;
}; };

5
parser/profile.cc
View File

@ -78,6 +78,7 @@ void ProfileList::dump_profile_names(bool children)
Profile::~Profile() Profile::~Profile()
{ {
hat_table.clear(); hat_table.clear();
flags.clear();
free_cod_entries(entries); free_cod_entries(entries);
free_cond_entry_list(xattrs); free_cond_entry_list(xattrs);
@ -97,10 +98,6 @@ Profile::~Profile()
free(name); free(name);
if (attachment) if (attachment)
free(attachment); free(attachment);
if (flags.disconnected_path)
free(flags.disconnected_path);
if (flags.disconnected_ipc)
free(flags.disconnected_ipc);
if (ns) if (ns)
free(ns); free(ns);
for (int i = (AA_EXEC_LOCAL >> 10) + 1; i < AA_EXEC_COUNT; i++) for (int i = (AA_EXEC_LOCAL >> 10) + 1; i < AA_EXEC_COUNT; i++)

10
parser/profile.h
View File

@ -175,6 +175,12 @@ public:
signal = 0; signal = 0;
error = 0; error = 0;
} }
void clear(void) {
free(disconnected_path);
free(disconnected_ipc);
}
void init(const char *str) void init(const char *str)
{ {
init(); init();
@ -301,7 +307,7 @@ public:
} }
// same ignore rhs.disconnect_path // same ignore rhs.disconnect_path
} else { } else {
disconnected_path = rhs.disconnected_path; disconnected_path = strdup(rhs.disconnected_path);
} }
} }
if (rhs.disconnected_ipc) { if (rhs.disconnected_ipc) {
@ -311,7 +317,7 @@ public:
} }
// same so do nothing // same so do nothing
} else { } else {
disconnected_ipc = rhs.disconnected_ipc; disconnected_ipc = strdup(rhs.disconnected_ipc);
} }
} }
if (rhs.signal) { if (rhs.signal) {