selinux: fix potential memleak in selinux_add_opt()

This patch try to fix potential memleak in error branch.

Fixes: ba6418623385 ("selinux: new helper - selinux_add_opt()")
Signed-off-by: Bernard Zhao <[email protected]>
[PM: tweak the subject line, add Fixes tag]
Signed-off-by: Paul Moore <[email protected]>

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 818ce976ff6c11632a78c9941cce075327392e95..8ef63b7af85574a605e399e2b35d3afbf1a98cc7 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -970,18 +970,22 @@ out:
 static int selinux_add_opt(int token, const char *s, void **mnt_opts)
 {
        struct selinux_mnt_opts *opts = *mnt_opts;
+       bool is_alloc_opts = false;
 
        if (token == Opt_seclabel)      /* eaten and completely ignored */
                return 0;
 
+       if (!s)
+               return -ENOMEM;
+
        if (!opts) {
                opts = kzalloc(sizeof(struct selinux_mnt_opts), GFP_KERNEL);
                if (!opts)
                        return -ENOMEM;
                *mnt_opts = opts;
+               is_alloc_opts = true;
        }
-       if (!s)
-               return -ENOMEM;
+
        switch (token) {
        case Opt_context:
                if (opts->context || opts->defcontext)
@@ -1006,6 +1010,10 @@ static int selinux_add_opt(int token, const char *s, void **mnt_opts)
        }
        return 0;
 Einval:
+       if (is_alloc_opts) {
+               kfree(opts);
+               *mnt_opts = NULL;
+       }
        pr_warn(SEL_MOUNT_FAIL_MSG);
        return -EINVAL;
 }