From 21cbc56c43af04a72ee2d77023194f436027eb4d Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sat, 4 Oct 2025 17:26:47 -0700
Subject: [PATCH] Xext/xselinux: avoid memory leak in SELinuxAtomToSID()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Reported in #1817:

xwayland-24.1.6/redhat-linux-build/../Xext/xselinux_label.c:142:13: warning[-Wanalyzer-malloc-leak]: leak of ‘rec’
xwayland-24.1.6/redhat-linux-build/../Xext/xselinux_label.c:133:1: enter_function: entry to ‘SELinuxAtomToSID’
xwayland-24.1.6/redhat-linux-build/../Xext/xselinux_label.c:141:15: acquire_memory: allocated here
xwayland-24.1.6/redhat-linux-build/../Xext/xselinux_label.c:69:12: branch_true: following ‘true’ branch...
xwayland-24.1.6/redhat-linux-build/../Xext/xselinux_label.c:142:13: danger: ‘rec’ leaks here; was allocated at [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1)
#  140|       if (!rec) {
#  141|           rec = calloc(1, sizeof(SELinuxAtomRec));
#  142|->         if (!rec || !SELinuxArraySet(&arr_atoms, atom, rec))
#  143|               return BadAlloc;
#  144|       }

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2072>
---
 Xext/xselinux_label.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/Xext/xselinux_label.c b/Xext/xselinux_label.c
index 4110f9074..d7d7fcec9 100644
--- a/Xext/xselinux_label.c
+++ b/Xext/xselinux_label.c
@@ -137,8 +137,12 @@ SELinuxAtomToSID(Atom atom, int prop, SELinuxObjectRec ** obj_rtn)
     rec = SELinuxArrayGet(&arr_atoms, atom);
     if (!rec) {
         rec = calloc(1, sizeof(SELinuxAtomRec));
-        if (!rec || !SELinuxArraySet(&arr_atoms, atom, rec))
+        if (!rec)
             return BadAlloc;
+        if (!SELinuxArraySet(&arr_atoms, atom, rec)) {
+            free(rec);
+            return BadAlloc;
+        }
     }
 
     if (prop) {