From 81950dae4e2fd9abfa3136dc22549a43a7f606cc Mon Sep 17 00:00:00 2001
From: Ryan Lee <ryan.lee@canonical.com>
Date: Fri, 18 Oct 2024 16:27:44 -0700
Subject: [PATCH] Fix memory leak in aare_rules UniquePermsCache

When the find fails but the insertion also fails, we leak the new node
that we generated. Delete the new node in this case to avoid leaking
memory.

Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
---
 parser/libapparmor_re/aare_rules.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/parser/libapparmor_re/aare_rules.h b/parser/libapparmor_re/aare_rules.h
index f3232a619..91ae289b3 100644
--- a/parser/libapparmor_re/aare_rules.h
+++ b/parser/libapparmor_re/aare_rules.h
@@ -90,8 +90,10 @@ public:
 			else
 				node = new MatchFlag(priority, perms, audit);
 			pair<iterator, bool> val = nodes.insert(make_pair(tmp, node));
-			if (val.second == false)
+			if (val.second == false) {
+				delete node;
 				return val.first->second;
+			}
 			return node;
 		}
 		return res->second;