apparmor: fix memory leak in verify_header - kernel - Hosts the 0x221E linux distro kernel.

diff options

author	Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>	2026-01-20 15:24:04 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2026-03-13 17:20:47 +0100
commit	786e2c2a87d9c505f33321d1fd23a176aa8ddeb1 (patch)
tree	e3a22be90bbce88b4f23e884946a652302535225 /crypto
parent	15c3eb8916e7db01cb246d04a1fe6f0fdc065b0c (diff)

apparmor: fix memory leak in verify_header

commit e38c55d9f834e5b848bfed0f5c586aaf45acb825 upstream. The function sets `*ns = NULL` on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checking since *ns is always NULL when the comparison is made. Remove the incorrect assignment. The caller (aa_unpack) initializes *ns to NULL once before the loop, which is sufficient. Fixes: dd51c8485763 ("apparmor: provide base for multiple profiles to be replaced at once") Reported-by: Qualys Security Advisory <qsa@qualys.com> Tested-by: Salvatore Bonaccorso <carnil@debian.org> Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Reviewed-by: Cengiz Can <cengiz.can@canonical.com> Signed-off-by: Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'crypto')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: