[PATCH] efi_loader: Prevent leak of memory from tmp_files

Andrew Goodbody andrew.goodbody at linaro.org
Mon Oct 6 11:51:26 CEST 2025


On 06/10/2025 08:47, Heinrich Schuchardt wrote:
> On 10/3/25 16:54, Andrew Goodbody wrote:
>> After the malloc of tmp_files and before its value is recorded an early
>> exit will need to free tmp_files to prevent leaking that memory.
>>
>> This issue was found by Smatch.
> 
> Thank you for following up through all those issues indicated by static 
> code analysis.
> 
> Tom could grant you access to Coverity to look at what is reported there 
> (https://scan.coverity.com/projects/das-u-boot).


Thanks Heinrich. Tom has already granted me access to Coverity. I am not 
quite sure where my priorities will be next but I hope to at least look 
at adding Smatch to CI.

Andrew

>> Signed-off-by: Andrew Goodbody <andrew.goodbody at linaro.org>
>> ---
>>   lib/efi_loader/efi_capsule.c | 4 +++-
>>   1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
>> index 
>> f19e78ae9d1e250f7bf8362f043877c6d10a9675..31b47a20186e036f6852c6baa4f353a5d7b97632 100644
>> --- a/lib/efi_loader/efi_capsule.c
>> +++ b/lib/efi_loader/efi_capsule.c
>> @@ -1096,8 +1096,10 @@ static efi_status_t efi_capsule_scan_dir(u16 
>> ***files, unsigned int *num)
>>       while (1) {
>>           tmp_size = dirent_size;
>>           ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
>> -        if (ret != EFI_SUCCESS)
>> +        if (ret != EFI_SUCCESS) {
>> +            free(tmp_files);
>>               goto err;
>> +        }
>>           if (!tmp_size)
>>               break;
> 
> LGTM
> 
> Reviewed-by: Heinrich Schuchardt <xypron.glpk at gmx.de>



More information about the U-Boot mailing list