[U-Boot] [PATCH v2 4/8] fdtgrep: Fix logic of free() in do_fdtgrep()

Simon Glass sjg at chromium.org
Tue Jun 12 06:04:58 UTC 2018


This loop never actually exits, but the way the code is written this is
not obvious. Add an explicit error check.

Reported-by: Coverity (CID: 131280)
Signed-off-by: Simon Glass <sjg at chromium.org>
---

Changes in v2:
- Add a missing free() from one error path

 tools/fdtgrep.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tools/fdtgrep.c b/tools/fdtgrep.c
index f2b8b71ed7..d9f6fb0740 100644
--- a/tools/fdtgrep.c
+++ b/tools/fdtgrep.c
@@ -801,7 +801,7 @@ static int do_fdtgrep(struct display_info *disp, const char *filename)
 	 * The first pass will count the regions, but if it is too many,
 	 * we do another pass to actually record them.
 	 */
-	for (i = 0; i < 3; i++) {
+	for (i = 0; i < 2; i++) {
 		region = malloc(count * sizeof(struct fdt_region));
 		if (!region) {
 			fprintf(stderr, "Out of memory for %d regions\n",
@@ -815,11 +815,14 @@ static int do_fdtgrep(struct display_info *disp, const char *filename)
 				disp->flags);
 		if (count < 0) {
 			report_error("fdt_find_regions", count);
+			free(region);
 			return -1;
 		}
 		if (count <= max_regions)
 			break;
 		free(region);
+		fprintf(stderr, "Internal error with fdtgrep_find_region)(\n");
+		return -1;
 	}
 
 	/* Optionally print a list of regions */
-- 
2.18.0.rc1.244.gcf134e6275-goog



More information about the U-Boot mailing list