[PATCH] fs/squashfs: Ensure memory is freed by using unwind goto
Andrew Goodbody
andrew.goodbody at linaro.org
Thu Oct 2 12:36:09 CEST 2025
Returning immediately from sqfs_read_nest is not consistent with other
error checks in this function and can lead to memory leaks. Instead use
the unwind goto used elsewhere to ensure that the memory is freed.
This issue was found by Smatch.
Signed-off-by: Andrew Goodbody <andrew.goodbody at linaro.org>
---
fs/squashfs/sqfs.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c
index 2dcdd60f68343f801bd73e318568fb030434ed31..4d3d83b75873f4d66f2dbd544ae6715f66f5d289 100644
--- a/fs/squashfs/sqfs.c
+++ b/fs/squashfs/sqfs.c
@@ -1584,8 +1584,10 @@ static int sqfs_read_nest(const char *filename, void *buf, loff_t offset,
table_offset = frag_entry.start - (start * ctxt.cur_dev->blksz);
n_blks = DIV_ROUND_UP(table_size + table_offset, ctxt.cur_dev->blksz);
- if (__builtin_mul_overflow(n_blks, ctxt.cur_dev->blksz, &buf_size))
- return -EINVAL;
+ if (__builtin_mul_overflow(n_blks, ctxt.cur_dev->blksz, &buf_size)) {
+ ret = -EINVAL;
+ goto out;
+ }
fragment = malloc_cache_aligned(buf_size);
---
base-commit: da47ddebd16a7e1047da8537fbf01558d2a89fcf
change-id: 20251002-fs_squashfs-ef3fa4928e33
Best regards,
--
Andrew Goodbody <andrew.goodbody at linaro.org>
More information about the U-Boot
mailing list