From 5b920f8230ecd56c8a380d83dbc4dd18f84cfa1c Mon Sep 17 00:00:00 2001
From: Ylarod <me@ylarod.cn>
Date: Sun, 14 Jan 2024 11:15:52 +0800
Subject: [PATCH] kernel: fix secctx mem leak (#1283)

Co-authored-by: weishu <twsxtd@gmail.com>
---
 kernel/selinux/selinux.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/kernel/selinux/selinux.c b/kernel/selinux/selinux.c
index d53181a1..40a92631 100644
--- a/kernel/selinux/selinux.c
+++ b/kernel/selinux/selinux.c
@@ -103,11 +103,14 @@ bool is_ksu_domain()
 {
 	char *domain;
 	u32 seclen;
+	bool result;
 	int err = security_secid_to_secctx(current_sid(), &domain, &seclen);
 	if (err) {
 		return false;
 	}
-	return strncmp(KERNEL_SU_DOMAIN, domain, seclen) == 0;
+	result = strncmp(KERNEL_SU_DOMAIN, domain, seclen) == 0;
+	security_release_secctx(domain, seclen);
+	return result;
 }
 
 bool is_zygote(void *sec)
@@ -118,9 +121,12 @@ bool is_zygote(void *sec)
 	}
 	char *domain;
 	u32 seclen;
+	bool result;
 	int err = security_secid_to_secctx(tsec->sid, &domain, &seclen);
 	if (err) {
 		return false;
 	}
-	return strncmp("u:r:zygote:s0", domain, seclen) == 0;
+	result = strncmp("u:r:zygote:s0", domain, seclen) == 0;
+	security_release_secctx(domain, seclen);
+	return result;
 }
\ No newline at end of file