From 5c58f28cb4fa9965d5755b0eb1d0fcbd593b51ca Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tm@t8m.info>
Date: Thu, 11 Nov 2010 16:15:52 +0000
Subject: Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2010-11-11  Tomas Mraz  <tm@t8m.info>

        * modules/pam_selinux/pam_selinux.c (pam_sm_open_session): Fix
        potential use after free in case SELinux is misconfigured.

        * modules/pam_namespace/pam_namespace.c (process_line): Fix memory
        leak when parsing empty config file lines.
---
 modules/pam_namespace/pam_namespace.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'modules/pam_namespace/pam_namespace.c')

diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c
index a13f9599..baa7f85a 100644
--- a/modules/pam_namespace/pam_namespace.c
+++ b/modules/pam_namespace/pam_namespace.c
@@ -307,10 +307,6 @@ static int process_line(char *line, const char *home, const char *rhome,
     const char *rvar_values[] = {rhome, idata->ruser};
     int len;
 
-    poly = calloc(1, sizeof(*poly));
-    if (poly == NULL)
-    	goto erralloc;
-
     /*
      * skip the leading white space
      */
@@ -337,6 +333,10 @@ static int process_line(char *line, const char *home, const char *rhome,
     if (line[0] == 0)
         return 0;
 
+    poly = calloc(1, sizeof(*poly));
+    if (poly == NULL)
+    	goto erralloc;
+
     /*
      * Initialize and scan the five strings from the line from the
      * namespace configuration file.
-- 
cgit v1.2.3