From fd1479a0af1ba896ae194c9fc91ec7dd49416d9b Mon Sep 17 00:00:00 2001
From: Po Lu <luangruo@yahoo.com>
Date: Sun, 20 Aug 2023 12:46:33 +0800
Subject: [PATCH] Fix libselinux object leaks

* src/fileio.c (Fcopy_file, Fset_file_selinux_context): Call
freecon prior to signaling file errors.
---
 src/fileio.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/fileio.c b/src/fileio.c
index fc9b04678f5..51e3e8849d1 100644
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -2496,6 +2496,8 @@ permissions.  */)
     {
       /* Set the modified context back to the file.  */
       bool fail = fsetfilecon (ofd, con) != 0;
+      freecon (con);
+
       /* See https://debbugs.gnu.org/11245 for ENOTSUP.  */
       if (fail
 #if defined HAVE_ANDROID && !defined ANDROID_STUBIFY
@@ -2506,8 +2508,6 @@ permissions.  */)
 #endif /* defined HAVE_ANDROID && !defined ANDROID_STUBIFY */
 	  && errno != ENOTSUP)
 	report_file_error ("Doing fsetfilecon", newname);
-
-      freecon (con);
     }
 #endif
 
@@ -3510,12 +3510,12 @@ or if Emacs was not compiled with SELinux support.  */)
 	  fail = (lsetfilecon (SSDATA (encoded_absname),
 			       context_str (parsed_con))
 		  != 0);
+	  context_free (parsed_con);
+	  freecon (con);
+
           /* See https://debbugs.gnu.org/11245 for ENOTSUP.  */
 	  if (fail && errno != ENOTSUP)
 	    report_file_error ("Doing lsetfilecon", absname);
-
-	  context_free (parsed_con);
-	  freecon (con);
 	  return fail ? Qnil : Qt;
 	}
       else
-- 
2.39.5