mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-15 10:17:20 +00:00
Code Issues Releases Activity

When allocation of labels on files is implicitly disabled due to MAC

Browse Source 
policy configuration, avoid leaking resources following failed calls
to get and set MAC labels by file descriptor.

Reported by:	Mateusz Guzik <mjguzik at gmail.com> + clang scan-build
MFC after:	3 days
This commit is contained in:
Robert Watson 2012-04-08 11:01:49 +00:00
parent cf771f223b
commit b4ef8be228
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=234032
1 changed files with 27 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
sys/security/mac/mac_syscalls.c
View File

@ -256,8 +256,10 @@ sys___mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap)
switch (fp->f_type) {
case DTYPE_FIFO:
case DTYPE_VNODE:
if (!(mac_labeled & MPC_OBJECT_VNODE))
return (EINVAL);
if (!(mac_labeled & MPC_OBJECT_VNODE)) {
error = EINVAL;
goto out_fdrop;
}
vp = fp->f_vnode;
intlabel = mac_vnode_label_alloc();
vfslocked = VFS_LOCK_GIANT(vp->v_mount);
@ -271,8 +273,10 @@ sys___mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap)
break;
case DTYPE_PIPE:
if (!(mac_labeled & MPC_OBJECT_PIPE))
return (EINVAL);
if (!(mac_labeled & MPC_OBJECT_PIPE)) {
error = EINVAL;
goto out_fdrop;
}
pipe = fp->f_data;
intlabel = mac_pipe_label_alloc();
PIPE_LOCK(pipe);
@ -284,8 +288,10 @@ sys___mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap)
break;
case DTYPE_SOCKET:
if (!(mac_labeled & MPC_OBJECT_SOCKET))
return (EINVAL);
if (!(mac_labeled & MPC_OBJECT_SOCKET)) {
error = EINVAL;
goto out_fdrop;
}
so = fp->f_data;
intlabel = mac_socket_label_alloc(M_WAITOK);
SOCK_LOCK(so);
@ -299,10 +305,10 @@ sys___mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap)
default:
error = EINVAL;
}
fdrop(fp, td);
if (error == 0)
error = copyout(buffer, mac.m_string, strlen(buffer)+1);
out_fdrop:
fdrop(fp, td);
out:
free(buffer, M_MACTEMP);
free(elements, M_MACTEMP);
@ -450,8 +456,10 @@ sys___mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap)
switch (fp->f_type) {
case DTYPE_FIFO:
case DTYPE_VNODE:
if (!(mac_labeled & MPC_OBJECT_VNODE))
return (EINVAL);
if (!(mac_labeled & MPC_OBJECT_VNODE)) {
error = EINVAL;
goto out_fdrop;
}
intlabel = mac_vnode_label_alloc();
error = mac_vnode_internalize_label(intlabel, buffer);
if (error) {
@ -475,8 +483,10 @@ sys___mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap)
break;
case DTYPE_PIPE:
if (!(mac_labeled & MPC_OBJECT_PIPE))
return (EINVAL);
if (!(mac_labeled & MPC_OBJECT_PIPE)) {
error = EINVAL;
goto out_fdrop;
}
intlabel = mac_pipe_label_alloc();
error = mac_pipe_internalize_label(intlabel, buffer);
if (error == 0) {
@ -490,8 +500,10 @@ sys___mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap)
break;
case DTYPE_SOCKET:
if (!(mac_labeled & MPC_OBJECT_SOCKET))
return (EINVAL);
if (!(mac_labeled & MPC_OBJECT_SOCKET)) {
error = EINVAL;
goto out_fdrop;
}
intlabel = mac_socket_label_alloc(M_WAITOK);
error = mac_socket_internalize_label(intlabel, buffer);
if (error == 0) {
@ -505,6 +517,7 @@ sys___mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap)
default:
error = EINVAL;
}
out_fdrop:
fdrop(fp, td);
out:
free(buffer, M_MACTEMP);