From 33ab4fea23d8e57b4abab0e10d556ff6344ecf37 Mon Sep 17 00:00:00 2001 From: Patrick Georgi Date: Fri, 29 Jul 2016 16:36:23 +0200 Subject: libpayload: fix leak in libcbfs stage wasn't freed on errors. Change-Id: I10d2f42f3e484955619addbef2898981f6f90a35 Signed-off-by: Patrick Georgi Found-by: Coverity Scan #1347345 Reviewed-on: https://review.coreboot.org/15958 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel Reviewed-by: Duncan Laurie --- payloads/libpayload/libcbfs/cbfs.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'payloads/libpayload') diff --git a/payloads/libpayload/libcbfs/cbfs.c b/payloads/libpayload/libcbfs/cbfs.c index 38b1ff8c71..3cce799fe3 100644 --- a/payloads/libpayload/libcbfs/cbfs.c +++ b/payloads/libpayload/libcbfs/cbfs.c @@ -116,8 +116,10 @@ void * cbfs_load_stage(struct cbfs_media *media, const char *name) sizeof(struct cbfs_stage), (void *) (uintptr_t) stage->load, stage->len); - if (!final_size) - return (void *) -1; + if (!final_size) { + entry = -1; + goto out; + } memset((void *)((uintptr_t)stage->load + final_size), 0, stage->memlen - final_size); @@ -127,6 +129,7 @@ void * cbfs_load_stage(struct cbfs_media *media, const char *name) entry = stage->entry; // entry = ntohll(stage->entry); +out: free(stage); return (void *) entry; } -- cgit v1.2.3