libsepol: free initial sid names

Commit 55b75a2 ("libsepol: stop translating deprecated intial SIDs to strings") dropped several names of obsolete initial sids ans replaced them with NULL. This leads to their printable string being dynamically allocated but not free'd. Instead of keeping track of which name was allocated dynamically and which not, allocate all on the heap, which simplifies the later cleanup. While on it also free the name in case of a strs_add_at_index() failure. Fixes: 55b75a2 ("libsepol: stop translating deprecated intial SIDs to strings") Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
cgzones · Jul 5, 2023 · bcaa568 · bcaa568
1 parent a991ff3
commit bcaa568
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 19 deletions.
diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
@@ -569,18 +569,19 @@ static int write_sids_to_cil(FILE *out, const char *const *sid_to_str,
 	for (isid = isids; isid != NULL; isid = isid->next) {
 		i = isid->sid[0];
 		if (i < num_sids && sid_to_str[i]) {
-			sid = (char *)sid_to_str[i];
+			sid = strdup(sid_to_str[i]);
 		} else {
 			snprintf(unknown, 18, "%s%u", "UNKNOWN", i);
 			sid = strdup(unknown);
-			if (!sid) {
-				ERR(NULL, "Out of memory");
-				rc = -1;
-				goto exit;
-			}
+		}
+		if (!sid) {
+			ERR(NULL, "Out of memory");
+			rc = -1;
+			goto exit;
 		}
 		rc = strs_add_at_index(strs, sid, i);
 		if (rc != 0) {
+			free(sid);
 			goto exit;
 		}
 	}
@@ -611,10 +612,7 @@ static int write_sids_to_cil(FILE *out, const char *const *sid_to_str,
 	sepol_printf(out, "))\n");
 
 exit:
-	for (i=num_sids; i<strs_num_items(strs); i++) {
-		sid = strs_read_at_index(strs, i);
-		free(sid);
-	}
+	strs_free_all(strs);
 	strs_destroy(&strs);
 	if (rc != 0) {
 		ERR(NULL, "Error writing sid rules to CIL");

diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
@@ -466,17 +466,18 @@ static int write_sids_to_conf(FILE *out, const char *const *sid_to_str,
 	for (isid = isids; isid != NULL; isid = isid->next) {
 		i = isid->sid[0];
 		if (i < num_sids && sid_to_str[i]) {
-			sid = (char *)sid_to_str[i];
+			sid = strdup(sid_to_str[i]);
 		} else {
 			snprintf(unknown, sizeof(unknown), "%s%u", "UNKNOWN", i);
 			sid = strdup(unknown);
-			if (!sid) {
-				rc = -1;
-				goto exit;
-			}
+		}
+		if (!sid) {
+			rc = -1;
+			goto exit;
 		}
 		rc = strs_add_at_index(strs, sid, i);
 		if (rc != 0) {
+			free(sid);
 			goto exit;
 		}
 	}
@@ -490,10 +491,7 @@ static int write_sids_to_conf(FILE *out, const char *const *sid_to_str,
 	}
 
 exit:
-	for (i=num_sids; i<strs_num_items(strs); i++) {
-		sid = strs_read_at_index(strs, i);
-		free(sid);
-	}
+	strs_free_all(strs);
 	strs_destroy(&strs);
 	if (rc != 0) {
 		ERR(NULL, "Error writing sid rules to policy.conf");