summaryrefslogtreecommitdiff
path: root/payloads/libpayload/libcbfs
diff options
context:
space:
mode:
authorPatrick Georgi <pgeorgi@chromium.org>2016-07-29 16:36:23 +0200
committerMartin Roth <martinroth@google.com>2016-07-31 20:01:10 +0200
commit33ab4fea23d8e57b4abab0e10d556ff6344ecf37 (patch)
tree09d7bac1b56cab9646f4388fec888fb846252fe5 /payloads/libpayload/libcbfs
parent41b3196bc88b0c869bba0f3e806904c390341306 (diff)
downloadcoreboot-33ab4fea23d8e57b4abab0e10d556ff6344ecf37.tar.xz
libpayload: fix leak in libcbfs
stage wasn't freed on errors. Change-Id: I10d2f42f3e484955619addbef2898981f6f90a35 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Found-by: Coverity Scan #1347345 Reviewed-on: https://review.coreboot.org/15958 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Diffstat (limited to 'payloads/libpayload/libcbfs')
-rw-r--r--payloads/libpayload/libcbfs/cbfs.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/payloads/libpayload/libcbfs/cbfs.c b/payloads/libpayload/libcbfs/cbfs.c
index 38b1ff8c71..3cce799fe3 100644
--- a/payloads/libpayload/libcbfs/cbfs.c
+++ b/payloads/libpayload/libcbfs/cbfs.c
@@ -116,8 +116,10 @@ void * cbfs_load_stage(struct cbfs_media *media, const char *name)
sizeof(struct cbfs_stage),
(void *) (uintptr_t) stage->load,
stage->len);
- if (!final_size)
- return (void *) -1;
+ if (!final_size) {
+ entry = -1;
+ goto out;
+ }
memset((void *)((uintptr_t)stage->load + final_size), 0,
stage->memlen - final_size);
@@ -127,6 +129,7 @@ void * cbfs_load_stage(struct cbfs_media *media, const char *name)
entry = stage->entry;
// entry = ntohll(stage->entry);
+out:
free(stage);
return (void *) entry;
}