bpf: don't return a bogus pointer when gen_bpf_generate() fails

In the case where gen_bpf_generate() fails due to a _gen_bpf_build_bpf() failure we were returning a pointer to a BPF program block which we had already freed - oops. Thankfully the fix is trivial. Special thanks to Tudor Brindus for not only reporting the problem but providing a very detailed root cause analysis. Reported-by: Tudor Brindus <me@tbrindus.ca> Acked-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Paul Moore <paul@paul-moore.com> 2020-06-16 19:17:40 -0400
committer: Paul Moore <paul@paul-moore.com> 2020-06-27 17:11:04 -0400
commit: c0a6e6fd15f74c429a0b74e0dfd4de5a29aabebd (patch)
tree: 6cdfa4122cf7abd6a0ebfeeea0718a54bdd85b6b
parent: 0d2996616eba39263e1bed83a87afd5e566703c2 (diff)
download: libseccomp-c0a6e6fd15f74c429a0b74e0dfd4de5a29aabebd.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/gen_bpf.c b/src/gen_bpf.c
index 1b559b0..4e38c3c 100644
--- a/src/gen_bpf.c
+++ b/src/gen_bpf.c
@@ -1968,6 +1968,8 @@ struct bpf_program *gen_bpf_generate(const struct db_filter_col *col)
 	rc = _gen_bpf_build_bpf(&state, col);
 	if (rc == 0)
 		state.bpf = NULL;
+	else
+		prgm = NULL;
 	_state_release(&state);
 
 	return prgm;
author	Paul Moore <paul@paul-moore.com>	2020-06-16 19:17:40 -0400
committer	Paul Moore <paul@paul-moore.com>	2020-06-27 17:11:04 -0400
commit	c0a6e6fd15f74c429a0b74e0dfd4de5a29aabebd (patch)
tree	6cdfa4122cf7abd6a0ebfeeea0718a54bdd85b6b
parent	0d2996616eba39263e1bed83a87afd5e566703c2 (diff)
download	libseccomp-c0a6e6fd15f74c429a0b74e0dfd4de5a29aabebd.tar.gz