associate audit_rule_free_data with audit_rule_create_data for cleanup

stevegrubb · stevegrubb · commit 086e698e7fc6 · 2025-06-13T08:35:27.000-04:00
diff --git a/lib/libaudit.h b/lib/libaudit.h
@@ -40,6 +40,14 @@
 #ifndef __wur
 # define __wur
 #endif
+// malloc and free assignments
+#ifndef __attr_dealloc
+# define __attr_dealloc(dealloc, argno)
+# define __attr_dealloc_free
+#endif
+#ifndef __attribute_malloc__
+#  define __attribute_malloc__
+#endif
 
 #include <audit_logging.h>
 
@@ -281,24 +289,24 @@ int audit_delete_rule_data(int fd, struct audit_rule_data *rule,
                                   int flags, int action);
 
 /* Rule-building helper functions */
+/* Deallocates the audit_rule_rule object, and any associated resources */
+void audit_rule_free_data(struct audit_rule_data *rule);
 /* Heap-allocates and initializes an audit_rule_data */
-struct audit_rule_data *audit_rule_create_data(void);
+struct audit_rule_data *audit_rule_create_data(void)
+	__attribute_malloc__ __attr_dealloc (audit_rule_free_data, 1);
 /* Initializes an existing audit_rule_data struct */
 void audit_rule_init_data(struct audit_rule_data *rule);
 int audit_rule_syscallbyname_data(struct audit_rule_data *rule,
                                           const char *scall);
 int audit_rule_io_uringbyname_data(struct audit_rule_data *rule,
                                           const char *scall);
 
-/* Note that the following function takes a **, where audit_rule_fieldpair()
- * takes just a *.  That structure may need to be reallocated as a result of
- * adding new fields */
+/* Note that the following function takes a **. That structure may need
+ * to be reallocated as a result of adding new fields */
 int audit_rule_fieldpair_data(struct audit_rule_data **rulep,
                                       char *pair, int flags);
 int audit_rule_interfield_comp_data(struct audit_rule_data **rulep,
 					 char *pair, int flags);
-/* Deallocates the audit_rule_rule object, and any associated resources */
-void audit_rule_free_data(struct audit_rule_data *rule);
 
 /* Capability testing functions */
 int audit_can_control(void);
