From dce629b2f8260010a06ea5a9bd31f5c65f483f3d Mon Sep 17 00:00:00 2001
From: Patrick Georgi <pgeorgi@chromium.org>
Date: Fri, 13 Jan 2017 13:30:54 +0100
Subject: util/cbfstool: avoid memleaks and off-by-ones

Change-Id: Iac136a5dfe76f21aa7c0d5ee4e974e50b955403b
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: scan-build 3.8
Reviewed-on: https://review.coreboot.org/18134
Tested-by: build bot (Jenkins)
Reviewed-by: Nico Huber <nico.h@gmx.de>
---
 util/cbfstool/cbfs_image.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'util/cbfstool/cbfs_image.c')

diff --git a/util/cbfstool/cbfs_image.c b/util/cbfstool/cbfs_image.c
index e530224fac..1f4b49a48d 100644
--- a/util/cbfstool/cbfs_image.c
+++ b/util/cbfstool/cbfs_image.c
@@ -1150,13 +1150,22 @@ static int cbfs_payload_make_elf(struct buffer *buff, uint32_t arch)
 				       segs[i].len);
 		} else if (segs[i].type == PAYLOAD_SEGMENT_ENTRY) {
 			break;
+		} else {
+			ERROR("unknown ELF segment type\n");
+			goto out;
 		}
 
+		if (!name) {
+			ERROR("out of memory\n");
+			goto out;
+		}
 
 		if (elf_writer_add_section(ew, &shdr, &tbuff, name)) {
 			ERROR("Unable to add ELF section: %s\n", name);
+			free(name);
 			goto out;
 		}
+		free(name);
 
 		if (empty_sz != 0) {
 			struct buffer b;
@@ -1168,10 +1177,16 @@ static int cbfs_payload_make_elf(struct buffer *buff, uint32_t arch)
 			shdr.sh_addr = segs[i].load_addr + segs[i].len;
 			shdr.sh_size = empty_sz;
 			name = strdup(".empty");
+			if (!name) {
+				ERROR("out of memory\n");
+				goto out;
+			}
 			if (elf_writer_add_section(ew, &shdr, &b, name)) {
 				ERROR("Unable to add ELF section: %s\n", name);
+				free(name);
 				goto out;
 			}
+			free(name);
 		}
 	}
 
-- 
cgit v1.2.3