libselinux/backport-libselinux-fix-some-memory-issues-in-db_init.patch

From 001af27a6d32e5b3d1f7410f0007687d7e3c07f5 Mon Sep 17 00:00:00 2001
From: Jie Lu <lujie54@huawei.com>
Date: Tue, 22 Nov 2022 13:21:10 +0800
Subject: [PATCH] libselinux: fix some memory issues in db_init

1. check the return of strdup to avoid a potential NULL reference.
2. make sure line_buf is freed.

Signed-off-by: Jie Lu <lujie54@huawei.com>
Acked-by: James Carter <jwcart2@gmail.com>
---
 libselinux/src/label_db.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/label_db.c b/src/label_db.c
index 94c05c6d..bd73201c 100644
--- a/src/label_db.c
+++ b/src/label_db.c
@@ -293,6 +293,11 @@ db_init(const struct selinux_opt *opts, unsigned nopts,
 		return NULL;
 	}
 	rec->spec_file = strdup(path);
+	if (!rec->spec_file) {
+                free(catalog);
+                fclose(filp);
+                return NULL;
+	}
 
 	/*
 	 * Parse for each lines
@@ -322,18 +327,19 @@ db_init(const struct selinux_opt *opts, unsigned nopts,
 		if (process_line(path, line_buf, ++line_num, catalog) < 0)
 			goto out_error;
 	}
-	free(line_buf);
 
 	if (digest_add_specfile(rec->digest, filp, NULL, sb.st_size, path) < 0)
 		goto out_error;
 
 	digest_gen_hash(rec->digest);
 
+	free(line_buf);
 	fclose(filp);
 
 	return catalog;
 
 out_error:
+	free(line_buf);
 	for (i = 0; i < catalog->nspec; i++) {
 		spec_t	       *spec = &catalog->specs[i];
 
-- 
2.27.0