37 lines
1.1 KiB
Diff
37 lines
1.1 KiB
Diff
From 28510556f84263219a3d1846d6e2857c91680419 Mon Sep 17 00:00:00 2001
|
|
From: Petr Lautrbach <plautrba@redhat.com>
|
|
Date: Fri, 1 Apr 2022 15:35:47 +0200
|
|
Subject: [PATCH] libsemanage: Fix USE_AFTER_FREE (CWE-672) in
|
|
semanage_direct_get_module_info()
|
|
|
|
>From fclose(3):
|
|
Upon successful completion, 0 is returned. Otherwise, EOF is returned
|
|
and errno is set to indicate the error. In either case, any further
|
|
access (including another call to fclose()) to the stream results in
|
|
undefined behavior.
|
|
|
|
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
|
|
Acked-by: James Carter <jwcart2@gmail.com>
|
|
|
|
Reference: https://github.com/SELinuxProject/selinux/commit/28510556f84263219a3d1846d6e2857c91680419
|
|
Conflict: Modify the file paths
|
|
---
|
|
libsemanage/src/direct_api.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/src/direct_api.c b/src/direct_api.c
|
|
index d83941b0..d5716ce5 100644
|
|
--- a/src/direct_api.c
|
|
+++ b/src/direct_api.c
|
|
@@ -2293,6 +2293,7 @@ static int semanage_direct_get_module_info(semanage_handle_t *sh,
|
|
tmp = NULL;
|
|
|
|
if (fclose(fp) != 0) {
|
|
+ fp = NULL;
|
|
ERR(sh,
|
|
"Unable to close %s module lang ext file.",
|
|
(*modinfo)->name);
|
|
--
|
|
2.27.0
|
|
|