Package: libselinux1
Version: 2.0.89-4
Severity: normal
Tags: upstream patch
Under certain conditions, such as when the selinux filesystem is not
available, init.c leaks a getline buffer. The attached patch fixes that.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libselinux1 depends on:
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
libselinux1 recommends no packages.
libselinux1 suggests no packages.
-- no debconf information
--- libselinux-2.0.89/src/init.c 2009-11-02 22:07:54.000000000 +0000
+++ libselinux-2.0.89/src/init.c.new 2010-02-20 12:06:49.000000000 +0000
@@ -59,14 +59,18 @@
}
fclose(fp);
- if (!exists)
+ if (!exists) {
+ free(buf);
return;
+ }
/* At this point, the usual spot doesn't have an selinuxfs so
* we look around for it */
fp = fopen("/proc/mounts", "r");
- if (!fp)
+ if (!fp) {
+ free(buf);
return;
+ }
__fsetlocking(fp, FSETLOCKING_BYCALLER);
while ((num = getline(&buf, &len, fp)) != -1) {
