From: Maks Mishin <maks.mishinFZ@gmail.com>
Date: Tue, 10 Dec 2024 09:26:32 +0000 (+0300)
Subject: sys-utils: (setpriv): fix potential memory leak
X-Git-Tag: v2.42-start~118^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=480682e6423308df28fed2c33770a9c400db6806;p=thirdparty%2Futil-linux.git

sys-utils: (setpriv): fix potential memory leak

Dynamic memory, referenced by 'my_caps' is allocated by calling function 'xstrdup'
add then changed by calling of strsep function.
The free(my_caps) call is incorrect if my_caps != NULL, and points to some
place inside or outside the source string.

Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
---

diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
index 19b8c80aa..87299a10d 100644
--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -542,6 +542,7 @@ static int cap_update(capng_act_t action,
 static void do_caps(enum cap_type type, const char *caps)
 {
 	char *my_caps = xstrdup(caps);
+	char *source_my_caps = my_caps;
 	char *c;
 
 	while ((c = strsep(&my_caps, ","))) {
@@ -572,7 +573,7 @@ static void do_caps(enum cap_type type, const char *caps)
 		}
 	}
 
-	free(my_caps);
+	free(source_my_caps);
 }
 
 static void parse_securebits(struct privctx *opts, const char *arg)