From ac46b4f33758d13cb91b19ab3f988aef8df4d908 Mon Sep 17 00:00:00 2001
From: Brandon Duffany <brandon@buildbuddy.io>
Date: Tue, 11 Oct 2022 09:57:54 -0400
Subject: [PATCH] Fix memory leak in selinux_linux.go

---
 pkg/selinux/selinux_linux.go | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/pkg/selinux/selinux_linux.go b/pkg/selinux/selinux_linux.go
index c1550e6e..5fbbfe9e 100644
--- a/pkg/selinux/selinux_linux.go
+++ b/pkg/selinux/selinux_linux.go
@@ -2,8 +2,13 @@ package selinux
 
 // #cgo pkg-config: libselinux libsepol
 // #include <selinux/selinux.h>
+// #include <stdlib.h>
 import "C"
 
+import (
+	"unsafe"
+)
+
 func InitializeSelinux() (int, error) {
 	enforce := C.int(0)
 	ret, err := C.selinux_init_load_policy(&enforce)
@@ -11,6 +16,12 @@ func InitializeSelinux() (int, error) {
 }
 
 func SetFileContext(path string, context string) (int, error) {
-	ret, err := C.setfilecon(C.CString(path), C.CString(context))
+	cPath := C.CString(path)
+	defer C.free(unsafe.Pointer(cPath))
+
+	cContext := C.CString(context)
+	defer C.free(unsafe.Pointer(cContext))
+
+	ret, err := C.setfilecon(cPath, cContext)
 	return int(ret), err
 }