diff options
-rw-r--r-- | src/shared/selinux-util.c | 16 |
1 files changed, 4 insertions, 12 deletions
diff --git a/src/shared/selinux-util.c b/src/shared/selinux-util.c index 0584803bc4..bab7183bcf 100644 --- a/src/shared/selinux-util.c +++ b/src/shared/selinux-util.c @@ -167,7 +167,7 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) { int r = 0; #ifdef HAVE_SELINUX - security_context_t mycon = NULL, fcon = NULL; + _cleanup_security_context_free_ security_context_t mycon = NULL, fcon = NULL; security_class_t sclass; if (!mac_selinux_use()) { @@ -191,9 +191,6 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) { fail: if (r < 0 && security_getenforce() == 1) r = -errno; - - freecon(mycon); - freecon(fcon); #endif return r; @@ -311,7 +308,7 @@ int mac_selinux_context_set(const char *path, mode_t mode) { int r = 0; #ifdef HAVE_SELINUX - security_context_t filecon = NULL; + _cleanup_security_context_free_ security_context_t filecon = NULL; if (!mac_selinux_use() || !label_hnd) return 0; @@ -325,8 +322,6 @@ int mac_selinux_context_set(const char *path, mode_t mode) { log_error("Failed to set SELinux file context on %s: %m", path); r = -errno; } - - freecon(filecon); } if (r < 0 && security_getenforce() == 0) @@ -393,7 +388,7 @@ int mac_selinux_mkdir(const char *path, mode_t mode) { #ifdef HAVE_SELINUX /* Creates a directory and labels it according to the SELinux policy */ - security_context_t fcon = NULL; + _cleanup_security_context_free_ security_context_t fcon = NULL; if (!label_hnd) return 0; @@ -428,7 +423,6 @@ int mac_selinux_mkdir(const char *path, mode_t mode) { finish: setfscreatecon(NULL); - freecon(fcon); #endif return r; @@ -439,7 +433,7 @@ int mac_selinux_bind(int fd, const struct sockaddr *addr, socklen_t addrlen) { /* Binds a socket and label its file system object according to the SELinux policy */ #ifdef HAVE_SELINUX - security_context_t fcon = NULL; + _cleanup_security_context_free_ security_context_t fcon = NULL; const struct sockaddr_un *un; char *path; int r; @@ -496,8 +490,6 @@ int mac_selinux_bind(int fd, const struct sockaddr *addr, socklen_t addrlen) { finish: setfscreatecon(NULL); - freecon(fcon); - return r; skipped: |