[apparmor] PATCH [3/3] - Fix leaking of screened logged messages
Steve Beattie
steve at nxnw.org
Thu Sep 9 19:33:21 BST 2010
On Thu, Sep 09, 2010 at 09:09:59AM -0700, John Johansen wrote:
> AppArmor notify is not freeing up messages that are not reported
>
> Index: utils/apparmor_notify
> ===================================================================
> --- utils.orig/apparmor_notify 2010-09-09 08:50:27.684193402 -0700
> +++ utils/apparmor_notify 2010-09-09 08:51:27.634191991 -0700
> @@ -224,14 +224,14 @@
> my $since = 0;
> if (defined($date) and $#params > 0 and $params[1] =~ /^[0-9]+$/) {
> $since = int($params[1]);
> - int($date) >= $since or return ();
> + int($date) >= $since or goto err;
> }
>
> # ignore all but status and denied messages
> my $type = LibAppArmor::aa_log_record::swig_event_get($test);
>
> $type == $LibAppArmor::AA_RECORD_DENIED ||
> - $type == $LibAppArmor::AA_RECORD_STATUS or return ();
> + $type == $LibAppArmor::AA_RECORD_STATUS or goto err;
>
> my $profile = LibAppArmor::aa_log_record::swig_profile_get($test);
> my $operation = LibAppArmor::aa_log_record::swig_operation_get($test);
> @@ -242,6 +242,10 @@
> LibAppArmorc::free_record($test);
>
> return ($profile, $operation, $name, $denied, $family, $sock_type, $date);
> +
> +err:
> + LibAppArmorc::free_record($test);
> + return ();
> }
>
> sub format_message {
ACKed as committed and merged for 2.5.1. Release note added.
Thanks.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/apparmor/attachments/20100909/eddf051d/attachment-0001.pgp
More information about the AppArmor
mailing list