diff --git mcstrans-2.8/src/mcstrans.c mcstrans-2.8/src/mcstrans.c
index 00fb808..0d9d0f3 100644
--- mcstrans-2.8/src/mcstrans.c
+++ mcstrans-2.8/src/mcstrans.c
@@ -633,16 +633,23 @@ add_cache(domain_t *domain, char *raw, char *trans) {
map->raw = strdup(raw);
if (!map->raw) {
+ free(map);
goto err;
}
map->trans = strdup(trans);
if (!map->trans) {
+ free(map->raw);
+ free(map);
goto err;
}
log_debug(" add_cache (%s,%s)\n", raw, trans);
- if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0)
+ if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0) {
+ free(map->trans);
+ free(map->raw);
+ free(map);
goto err;
+ }
if (add_to_hashtable(domain->trans_to_raw, map->trans, map) < 0)
goto err;
@@ -708,6 +715,7 @@ append(affix_t **affixes, const char *val) {
err:
log_error("allocation error %s", strerror(errno));
+ free(affix);
return -1;
}
@@ -1517,8 +1525,11 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
} else {
trans = compute_trans_from_raw(range, domain);
if (trans)
- if (add_cache(domain, range, trans) < 0)
+ if (add_cache(domain, range, trans) < 0) {
+ free(trans);
+ free(range);
return -1;
+ }
}
if (lrange && urange) {
@@ -1526,12 +1537,16 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
if (! ltrans) {
ltrans = compute_trans_from_raw(lrange, domain);
if (ltrans) {
- if (add_cache(domain, lrange, ltrans) < 0)
+ if (add_cache(domain, lrange, ltrans) < 0) {
+ free(ltrans);
+ free(range);
return -1;
+ }
} else {
ltrans = strdup(lrange);
if (! ltrans) {
log_error("strdup failed %s", strerror(errno));
+ free(range);
return -1;
}
}
@@ -1541,25 +1556,37 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
if (! utrans) {
utrans = compute_trans_from_raw(urange, domain);
if (utrans) {
- if (add_cache(domain, urange, utrans) < 0)
+ if (add_cache(domain, urange, utrans) < 0) {
+ free(utrans);
+ free(ltrans);
+ free(range);
return -1;
+ }
} else {
utrans = strdup(urange);
if (! utrans) {
log_error("strdup failed %s", strerror(errno));
- return -1;
- }
- }
+ free(ltrans);
+ free(range);
+ return -1;
+ }
+ }
}
if (strcmp(ltrans, utrans) == 0) {
if (asprintf(&trans, "%s", ltrans) < 0) {
log_error("asprintf failed %s", strerror(errno));
+ free(utrans);
+ free(ltrans);
+ free(range);
return -1;
}
} else {
if (asprintf(&trans, "%s-%s", ltrans, utrans) < 0) {
log_error("asprintf failed %s", strerror(errno));
+ free(utrans);
+ free(ltrans);
+ free(range);
return -1;
}
}
@@ -1629,13 +1656,22 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
if (!canonical) {
canonical = compute_trans_from_raw(raw, domain);
if (canonical && strcmp(canonical, range))
- if (add_cache(domain, raw, canonical) < 0)
+ if (add_cache(domain, raw, canonical) < 0) {
+ free(canonical);
+ free(range);
+ free(raw);
return -1;
+ }
}
- if (canonical)
+ if (canonical) {
free(canonical);
- if (add_cache(domain, raw, range) < 0)
+ free(raw);
+ }
+ if (add_cache(domain, raw, range) < 0) {
+ free(range);
+ free(raw);
return -1;
+ }
} else {
log_debug("untrans_context unable to compute raw context %s\n", range);
}
@@ -1650,17 +1686,25 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
if (!canonical) {
canonical = compute_trans_from_raw(lraw, domain);
if (canonical)
- if (add_cache(domain, lraw, canonical) < 0)
+ if (add_cache(domain, lraw, canonical) < 0) {
+ free(canonical);
+ free(lraw);
+ free(range);
return -1;
+ }
}
if (canonical)
free(canonical);
- if (add_cache(domain, lraw, lrange) < 0)
+ if (add_cache(domain, lraw, lrange) < 0) {
+ free(lraw);
+ free(range);
return -1;
+ }
} else {
lraw = strdup(lrange);
if (! lraw) {
log_error("strdup failed %s", strerror(errno));
+ free(range);
return -1;
}
}
@@ -1674,17 +1718,28 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
if (!canonical) {
canonical = compute_trans_from_raw(uraw, domain);
if (canonical)
- if (add_cache(domain, uraw, canonical) < 0)
+ if (add_cache(domain, uraw, canonical) < 0) {
+ free(canonical);
+ free(uraw);
+ free(lraw);
+ free(range);
return -1;
}
+ }
if (canonical)
free(canonical);
- if (add_cache(domain, uraw, urange) < 0)
+ if (add_cache(domain, uraw, urange) < 0) {
+ free(uraw);
+ free(lraw);
+ free(range);
return -1;
+ }
} else {
uraw = strdup(urange);
if (! uraw) {
log_error("strdup failed %s", strerror(errno));
+ free(lraw);
+ free(range);
return -1;
}
}
@@ -1694,11 +1749,17 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
if (strcmp(lraw, uraw) == 0) {
if (asprintf(&raw, "%s", lraw) < 0) {
log_error("asprintf failed %s", strerror(errno));
+ free(uraw);
+ free(lraw);
+ free(range);
return -1;
}
} else {
if (asprintf(&raw, "%s-%s", lraw, uraw) < 0) {
log_error("asprintf failed %s", strerror(errno));
+ free(uraw);
+ free(lraw);
+ free(range);
return -1;
}
}
diff --git mcstrans-2.8/src/mcstransd.c mcstrans-2.8/src/mcstransd.c
index d7fc5de..a5a63d7 100644
--- mcstrans-2.8/src/mcstransd.c
+++ mcstrans-2.8/src/mcstransd.c
@@ -345,6 +345,7 @@ process_events(struct pollfd **ufds, int *nfds)
/* Setup pollfd for deletion later. */
(*ufds)[ii].fd = -1;
close(connfd);
+ connfd = -1;
/* So we don't get bothered later */
revents = revents & ~(POLLHUP);
}
@@ -358,10 +359,11 @@ process_events(struct pollfd **ufds, int *nfds)
/* Set the pollfd up for deletion later. */
(*ufds)[ii].fd = -1;
close(connfd);
+ connfd = -1;
revents = revents & ~(POLLHUP);
}
- if (revents) {
+ if (revents && connfd != -1) {
syslog(LOG_ERR, "Unknown/error events (%x) encountered"
" for fd (%d)\n", revents, connfd);