d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

loader.efi: find_currdev() can leak memory

Browse Source 
The find_currdev() is using variable "copy" to store the reference to trimmed
devpath pointer, if for some reason the efi_devpath_handle() fails, we will
leak this copy.

Also we can simplify the code there a bit.

Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D9191
This commit is contained in:
Toomas Soome 2017-01-15 20:03:13 +00:00
parent e0812c1468
commit 6bd75de90e
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
sys/boot/efi/loader/main.c
View File

@ -219,20 +219,19 @@ find_currdev(EFI_LOADED_IMAGE *img, struct devsw **dev, int *unit,
if (h == NULL)
break;
if (efi_handle_lookup(h, dev, unit, extra) == 0) {
if (copy != NULL)
free(copy);
return (0);
}
free(copy);
copy = NULL;
if (efi_handle_lookup(h, dev, unit, extra) == 0)
return (0);
if (copy != NULL)
free(copy);
devpath = efi_lookup_devpath(h);
if (devpath != NULL) {
copy = efi_devpath_trim(devpath);
devpath = copy;
}
}
free(copy);
/* Try to fallback on first device */
if (devsw[0] != NULL) {