security: Resolve possible memory leak

If virSecuritySELinuxRestoreFileLabel returns 0 or -1 too soon, then
the @newpath will be leaked.

Suggested-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 4de8b6f9cd81ee73958e067a4e5689c48f9714e6..f3690a4cb148d81e59987d4a06a197c06b624d96 100644 (file)
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1477,10 +1477,12 @@ virSecuritySELinuxRestoreFileLabel(virSecurityManagerPtr mgr,
         goto cleanup;
     }
 
-    if ((rc = virSecuritySELinuxTransactionAppend(path, NULL, false, true)) < 0)
-        return -1;
-    else if (rc > 0)
-        return 0;
+    if ((rc = virSecuritySELinuxTransactionAppend(path, NULL, false, true)) < 0) {
+        goto cleanup;
+    } else if (rc > 0) {
+        ret = 0;
+        goto cleanup;
+    }
 
     if (recall) {
         if ((rc = virSecuritySELinuxRecallLabel(newpath, &fcon)) < 0) {