[PATCH] board: fsl_validate: Fix resource leak issue

Kshitiz Varshney kshitiz.varshney at nxp.com
Sun Aug 1 14:31:45 CEST 2021


Free dynamically allocated memory before every return statement
in calc_img_key_hash() and calc_esbchdr_esbc_hash() function.
Verified the secure boot changes using ls1046afrwy board.

Signed-off-by: Kshitiz Varshney <kshitiz.varshney at nxp.com>
---
 board/freescale/common/fsl_validate.c | 36 ++++++++++++++++++++-------
 1 file changed, 27 insertions(+), 9 deletions(-)

diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c
index 564a8b3b54..5cec0131f2 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -1,6 +1,7 @@
 // SPDX-License-Identifier: GPL-2.0+
 /*
  * Copyright 2015 Freescale Semiconductor, Inc.
+ * Copyright 2021 NXP
  */
 
 #include <common.h>
@@ -498,8 +499,11 @@ static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
 		return ret;
 
 	ret = algo->hash_init(algo, &ctx);
-	if (ret)
+	if (ret) {
+		if (ctx)
+			free(ctx);
 		return ret;
+	}
 
 	/* Update hash for ESBC key */
 #ifdef CONFIG_KEY_REVOCATION
@@ -518,8 +522,11 @@ static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
 
 	/* Copy hash at destination buffer */
 	ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
-	if (ret)
+	if (ret) {
+		if (ctx)
+			free(ctx);
 		return ret;
+	}
 
 	for (i = 0; i < SHA256_BYTES; i++)
 		img->img_key_hash[i] = hash_val[i];
@@ -547,14 +554,18 @@ static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
 
 	ret = algo->hash_init(algo, &ctx);
 	/* Copy hash at destination buffer */
-	if (ret)
+	if (ret) {
+		free(ctx);
 		return ret;
+	}
 
 	/* Update hash for CSF Header */
 	ret = algo->hash_update(algo, ctx,
 		(u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
-	if (ret)
+	if (ret) {
+		free(ctx);
 		return ret;
+	}
 
 	/* Update the hash with that of srk table if srk flag is 1
 	 * If IE Table is selected, key is not added in the hash
@@ -581,22 +592,29 @@ static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
 		key_hash = 1;
 	}
 #endif
-	if (ret)
+	if (ret) {
+		free(ctx);
 		return ret;
-	if (!key_hash)
+	}
+	if (!key_hash) {
+		free(ctx);
 		return ERROR_KEY_TABLE_NOT_FOUND;
+	}
 
 	/* Update hash for actual Image */
 	ret = algo->hash_update(algo, ctx,
 		(u8 *)(*(img->img_addr_ptr)), img->img_size, 1);
-	if (ret)
+	if (ret) {
+		free(ctx);
 		return ret;
+	}
 
 	/* Copy hash at destination buffer */
 	ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
-	if (ret)
+	if (ret) {
+		free(ctx);
 		return ret;
-
+	}
 	return 0;
 }
 
-- 
2.25.1



More information about the U-Boot mailing list