[PATCH] bootstd: rauc: Free memory during error handling

Martin Schwan M.Schwan at phytec.de
Wed Jan 14 11:31:40 CET 2026


Tested-by: Martin Schwan <m.schwan at phytec.de>

On Mon, 2026-01-05 at 21:26 +0100, Francois Berder wrote:
> While reading bootflow, memory was not released if an
> error occurred.
> 
> Signed-off-by: Francois Berder <fberder at outlook.fr>
> ---
>  boot/bootmeth_rauc.c | 51 ++++++++++++++++++++++++++++++++++--------
> --
>  1 file changed, 40 insertions(+), 11 deletions(-)
> 
> diff --git a/boot/bootmeth_rauc.c b/boot/bootmeth_rauc.c
> index 833715e1395..432d170e006 100644
> --- a/boot/bootmeth_rauc.c
> +++ b/boot/bootmeth_rauc.c
> @@ -139,12 +139,12 @@ static int distro_rauc_scan_parts(struct
> bootflow *bflow)
>  
>  static int distro_rauc_read_bootflow(struct udevice *dev, struct
> bootflow *bflow)
>  {
> -	struct distro_rauc_priv *priv;
> -	int ret;
> +	struct distro_rauc_priv *priv = NULL;
> +	int ret = 0;
>  	char *slot;
>  	int i;
> -	char *partitions;
> -	char *boot_order;
> +	char *partitions = NULL;
> +	char *boot_order = NULL;
>  	const char *default_boot_order;
>  	const char **default_boot_order_list;
>  	char *boot_order_copy;
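Review bot: `boot_order_copy` is left uninitialised in this declaration block although the new error label passes it to `free()`, while `priv`, `partitions` and `boot_order` all gain `= NULL`. In the visible hunks every `goto rauc_read_bootflow_err` comes after `boot_order_copy = strdup(default_boot_order);`, so this is safe as written. A later change that adds an earlier `goto` would free an indeterminate pointer, and `char *boot_order_copy = NULL;` removes that trap. The function body continues outside this hunk.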
> @@ -176,10 +176,22 @@ static int distro_rauc_read_bootflow(struct
> udevice *dev, struct bootflow *bflow
>  	if (!priv)
>  		return log_msg_ret("buf", -ENOMEM);
>  	priv->slots = calloc(1, sizeof(struct distro_rauc_slot));
> +	if (!priv->slots) {
> +		free(priv);
> +		return log_msg_ret("buf", -ENOMEM);
> +	}
>  
>  	/* Copy default boot_order, so we can leave the original
> unmodified */
>  	boot_order_copy = strdup(default_boot_order);
> +	if (!boot_order_copy) {
> +		ret = log_msg_ret("buf", -ENOMEM);
> +		goto rauc_read_bootflow_err;
> +	}
>  	partitions = strdup(CONFIG_BOOTMETH_RAUC_PARTITIONS);
> +	if (!partitions) {
> +		ret = log_msg_ret("buf", -ENOMEM);
> +		goto rauc_read_bootflow_err;
> +	}
>  
>  	for (i = 1;
>  	     (parts = strsep(&partitions, " ")) &&
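Review bot: `partitions` is passed to `strsep(&partitions, " ")` in the loop condition, which moves the pointer past each token and sets it to NULL at the end of the string, so the `free(partitions)` added at `rauc_read_bootflow_err` does not receive the address `strdup()` returned. Any `goto` taken from inside the loop (the `calloc`, `strdup` and `realloc` failures in the next hunk) therefore frees an interior pointer, which is undefined behaviour and can corrupt the allocator state; if the pointer has already become NULL the buffer is leaked instead. Keep the allocation in its own variable, e.g. `char *partitions_buf = strdup(CONFIG_BOOTMETH_RAUC_PARTITIONS);` followed by `partitions = partitions_buf;`, and call `free(partitions_buf);` at the label. If `boot_order_copy` is also consumed by `strsep()` in the part of the loop header outside this hunk, it needs the same treatment.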
> @@ -189,13 +201,26 @@ static int distro_rauc_read_bootflow(struct
> udevice *dev, struct bootflow *bflow
>  		struct distro_rauc_slot **new_slots;
>  
>  		s = calloc(1, sizeof(struct distro_rauc_slot));
> +		if (!s) {
> +			ret = log_msg_ret("buf", -ENOMEM);
> +			goto rauc_read_bootflow_err;
> +		}
>  		s->name = strdup(slot);
> +		if (!s->name) {
> +			free(s);
> +			ret = log_msg_ret("buf", -ENOMEM);
> +			goto rauc_read_bootflow_err;
> +		}
>  		s->boot_part = simple_strtoul(strsep(&parts, ","),
> NULL, 10);
>  		s->root_part = simple_strtoul(strsep(&parts, ","),
> NULL, 10);
>  		new_slots = realloc(priv->slots, (i + 1) *
>  				    sizeof(struct
> distro_rauc_slot));
> -		if (!new_slots)
> -			return log_msg_ret("buf", -ENOMEM);
> +		if (!new_slots) {
> +			free(s->name);
> +			free(s);
> +			ret = log_msg_ret("buf", -ENOMEM);
> +			goto rauc_read_bootflow_err;
> +		}
>  		priv->slots = new_slots;
>  		priv->slots[i - 1] = s;
>  		priv->slots[i] = NULL;
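Review bot: The two `simple_strtoul(strsep(&parts, ","), NULL, 10)` calls have no guard against a malformed slot entry. `strsep()` returns NULL once `parts` is exhausted, so an entry in `CONFIG_BOOTMETH_RAUC_PARTITIONS` without a comma passes NULL to `simple_strtoul()` when computing `root_part`. Whether `simple_strtoul()` tolerates NULL is not visible on this page. Since the commit already adds per-slot failure paths, checking both tokens and failing with `-EINVAL` through the same `free(s->name); free(s); goto rauc_read_bootflow_err;` sequence would be consistent. The loop header and its closing brace lie outside this hunk.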
> @@ -204,15 +229,19 @@ static int distro_rauc_read_bootflow(struct
> udevice *dev, struct bootflow *bflow
>  	bflow->bootmeth_priv = priv;
>  
>  	ret = distro_rauc_scan_parts(bflow);
> -	if (ret < 0) {
> -		distro_rauc_priv_free(priv);
> -		free(boot_order_copy);
> -		return ret;
> -	}
> +	if (ret < 0)
> +		goto rauc_read_bootflow_err;
>  
>  	bflow->state = BOOTFLOWST_READY;
>  
>  	return 0;
> +
> +rauc_read_bootflow_err:
> +	distro_rauc_priv_free(priv);
> +	free(boot_order_copy);
> +	free(partitions);
> +
> +	return ret;
>  }
>  
>  static int distro_rauc_read_file(struct udevice *dev, struct
> bootflow *bflow,
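Review bot: `bflow->bootmeth_priv = priv;` is assigned before `distro_rauc_scan_parts()`, and when that call fails the new label frees `priv` through `distro_rauc_priv_free()` while `bflow->bootmeth_priv` still holds the freed address. If the bootflow core later reads or releases `bootmeth_priv` for a failed bootflow (not visible on this page), that becomes a use-after-free or double free. The dangling pointer predates this commit, but the consolidated label is the natural place to clear it: add `bflow->bootmeth_priv = NULL;` before `return ret;`. The start of `distro_rauc_read_bootflow()` is outside this hunk.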

