[PATCH 1/1] efi_loader: memory leak in efi_capsule_scan_dir()
Heinrich Schuchardt
xypron.glpk at gmx.de
Sun Apr 11 06:58:04 CEST 2021
If realloc() fails, we should free the old buffer.
Fixes: c74cd8bd08d1: ("efi_loader: capsule: add capsule_on_disk support")
Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
---
lib/efi_loader/efi_capsule.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 9df9c35084..691eda5e0d 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -756,8 +756,11 @@ static efi_status_t efi_capsule_scan_dir(u16 ***files, unsigned int *num)
tmp_size = dirent_size;
ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
if (ret == EFI_BUFFER_TOO_SMALL) {
+ struct efi_file_info *old_dirent = dirent;
+
dirent = realloc(dirent, tmp_size);
if (!dirent) {
+ dirent = old_dirent;
ret = EFI_OUT_OF_RESOURCES;
goto err;
}
--
2.30.2
More information about the U-Boot
mailing list