From 3be312e0cf2c45adbe694b136f848fb62cba877e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Sat, 1 Apr 2023 14:49:02 +0200
Subject: [PATCH] libsemanage: fix memory leak in semanage_user_roles

The output parameter `role_arr` of semanage_user_get_roles() is an array
of non-owned role names.  Since the array is never used again, as its
contents have been copied into the return value `roles`, free it.

Example leak report from useradd(8):

    Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x5597624284a8 in __interceptor_calloc (./shadow/src/useradd+0xee4a8)
    #1 0x7f53aefcbbf9 in sepol_user_get_roles src/user_record.c:270:21
Reference: https://github.com/SELinuxProject/selinux/commit/3be312e0cf2c45adbe694b136f848fb62cba877e
Conflict: Modify the file paths
---
 libsemanage/src/seusers_local.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/seusers_local.c b/src/seusers_local.c
index 6508ec05..795a33d6 100644
--- a/src/seusers_local.c
+++ b/src/seusers_local.c
@@ -47,6 +47,7 @@ static char *semanage_user_roles(semanage_handle_t * handle, const char *sename)
 						}
 					}
 				}
+				free(roles_arr);
 			}
 			semanage_user_free(user);
 		}
-- 
2.27.0