[PATCH 1/1] efi_loader: memory leak in efi_capsule_scan_dir()

Heinrich Schuchardt xypron.glpk at gmx.de
Sun Apr 11 06:58:04 CEST 2021


If realloc() fails, we should free the old buffer.

Fixes: c74cd8bd08d1: ("efi_loader: capsule: add capsule_on_disk support")
Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
---
 lib/efi_loader/efi_capsule.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 9df9c35084..691eda5e0d 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -756,8 +756,11 @@ static efi_status_t efi_capsule_scan_dir(u16 ***files, unsigned int *num)
 		tmp_size = dirent_size;
 		ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
 		if (ret == EFI_BUFFER_TOO_SMALL) {
+			struct efi_file_info *old_dirent = dirent;
+
 			dirent = realloc(dirent, tmp_size);
 			if (!dirent) {
+				dirent = old_dirent;
 				ret = EFI_OUT_OF_RESOURCES;
 				goto err;
 			}
--
2.30.2



More information about the U-Boot mailing list