kernel/auditfilter.c: fix leak in audit_add_rule() error path
authorChen Gang <gang.chen@asianux.com>
Mon, 8 Jul 2013 22:59:38 +0000 (15:59 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Tue, 9 Jul 2013 17:33:19 +0000 (10:33 -0700)
If both 'tree' and 'watch' are valid we must call audit_put_tree(), just
like the preceding code within audit_add_rule().

Signed-off-by: Chen Gang <gang.chen@asianux.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
kernel/auditfilter.c

index 0ee9eff866d6b5a9b1e26772487fd04a1fa5371a..3d15c66b7f0ba18928680f8dd9086fc4c99853df 100644 (file)
@@ -865,6 +865,12 @@ static inline int audit_add_rule(struct audit_entry *entry)
                err = audit_add_watch(&entry->rule, &list);
                if (err) {
                        mutex_unlock(&audit_filter_mutex);
+                       /*
+                        * normally audit_add_tree_rule() will free it
+                        * on failure
+                        */
+                       if (tree)
+                               audit_put_tree(tree);
                        goto error;
                }
        }