[apparmor] [patch] fix log parsing memory leaks
Seth Arnold
seth.arnold at canonical.com
Fri Jul 11 22:35:32 UTC 2014
On Fri, Jul 11, 2014 at 03:24:29PM -0700, Steve Beattie wrote:
> This patch fixes some memory leaks in the libapparmor log parsing functions,
> specifically around handling records obtained from syslog and records
> containing network addresses.
>
> Bug: https://bugs.launchpad.net/bugs/1340927
> Signed-off-by: Steve Beattie <steve at nxnw.org>
Wow, nice catch and fast debugging.
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
> ---
> libraries/libapparmor/src/grammar.y | 16 +++++++++-------
> libraries/libapparmor/src/libaalogparse.c | 4 ++++
> 2 files changed, 13 insertions(+), 7 deletions(-)
>
> Index: b/libraries/libapparmor/src/grammar.y
> ===================================================================
> --- a/libraries/libapparmor/src/grammar.y
> +++ b/libraries/libapparmor/src/grammar.y
> @@ -196,15 +196,15 @@ other_audit: TOK_TYPE_OTHER audit_msg TO
>
> syslog_type:
> syslog_date TOK_ID TOK_SYSLOG_KERNEL audit_id key_list
> - { ret_record->version = AA_RECORD_SYNTAX_V2; }
> + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
> | syslog_date TOK_ID TOK_SYSLOG_KERNEL key_type audit_id key_list
> - { ret_record->version = AA_RECORD_SYNTAX_V2; }
> + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
> | syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP audit_id key_list
> - { ret_record->version = AA_RECORD_SYNTAX_V2; }
> + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); }
> | syslog_date TOK_ID TOK_SYSLOG_KERNEL TOK_DMESG_STAMP key_type audit_id key_list
> - { ret_record->version = AA_RECORD_SYNTAX_V2; }
> + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); free($4); }
> | syslog_date TOK_ID TOK_SYSLOG_USER key_list
> - { ret_record->version = AA_RECORD_SYNTAX_V2; }
> + { ret_record->version = AA_RECORD_SYNTAX_V2; free($2); }
> ;
>
> /* when audit dispatches a message it doesn't prepend the audit type string */
> @@ -229,8 +229,10 @@ audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_A
> free($7);
> } ;
>
> -syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME { /* do nothing? */ }
> - | TOK_DATE TOK_TIME { /* do nothing */ }
> +syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME
> + { free($1); free($3); /* do nothing */ }
> + | TOK_DATE TOK_TIME
> + { free($1); free($2); /* do nothing */ }
> ;
>
> key_list: key
> Index: b/libraries/libapparmor/src/libaalogparse.c
> ===================================================================
> --- a/libraries/libapparmor/src/libaalogparse.c
> +++ b/libraries/libapparmor/src/libaalogparse.c
> @@ -81,6 +81,10 @@ void free_record(aa_log_record *record)
> free(record->net_protocol);
> if (record->net_sock_type != NULL)
> free(record->net_sock_type);
> + if (record->net_local_addr != NULL)
> + free(record->net_local_addr);
> + if (record->net_foreign_addr != NULL)
> + free(record->net_foreign_addr);
> if (record->dbus_bus != NULL)
> free(record->dbus_bus);
> if (record->dbus_path != NULL)
>
> --
> Steve Beattie
> <sbeattie at ubuntu.com>
> http://NxNW.org/~steve/
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140711/e894914f/attachment.pgp>
More information about the AppArmor
mailing list