From 678eef087f9a939085addfbeea887df1758a1f1d Mon Sep 17 00:00:00 2001
From: Alexander Nyberg <alexn@dsv.su.se>
Date: Mon, 28 Feb 2005 19:47:30 -0800
Subject: [PATCH] [PATCH] SELinux: Leak in error path

There's a leak here in the first error path.

Found by the Coverity tool.

Signed-off-by: Alexander Nyberg <alexn@dsv.su.se>
Acked-by: James Morris <jmorris@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---
 security/selinux/ss/conditional.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 90f5fbd5fad5..372e6a729b61 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -401,8 +401,10 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp)
 		expr->expr_type = le32_to_cpu(buf[0]);
 		expr->bool = le32_to_cpu(buf[1]);
 
-		if (!expr_isvalid(p, expr))
+		if (!expr_isvalid(p, expr)) {
+			kfree(expr);
 			goto err;
+		}
 
 		if (i == 0) {
 			node->expr = expr;
-- 
2.39.5