summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorSimon Glass <sjg@chromium.org>2018-06-12 00:05:00 -0600
committerTom Rini <trini@konsulko.com>2018-06-19 07:31:44 -0400
commit8a682e03d7d18b3d20810ea83fcec69f8d09c909 (patch)
treec00ae7e81826edb2b0d2c3179db2515540ba02c3 /lib
parentdd0ee9ea857c4e4d927ae41791c1626fd57c301d (diff)
rsa: Fix missing memory leak on error in fdt_add_bignum()
Thsi function can fail without freeing all its memory. Fix it. Reported-by: Coverity (CID: 131217) Signed-off-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'lib')
-rw-r--r--lib/rsa/rsa-sign.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index d2788bf79a4..cfe09cc94c2 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -635,6 +635,15 @@ static int fdt_add_bignum(void *blob, int noffset, const char *prop_name,
big2 = BN_new();
big32 = BN_new();
big2_32 = BN_new();
+
+ /*
+ * Note: This code assumes that all of the above succeed, or all fail.
+ * In practice memory allocations generally do not fail (unless the
+ * process is killed), so it does not seem worth handling each of these
+ * as a separate case. Technicaly this could leak memory on failure,
+ * but a) it won't happen in practice, and b) it doesn't matter as we
+ * will immediately exit with a failure code.
+ */
if (!tmp || !big2 || !big32 || !big2_32) {
fprintf(stderr, "Out of memory (bignum)\n");
return -ENOMEM;
@@ -667,15 +676,13 @@ static int fdt_add_bignum(void *blob, int noffset, const char *prop_name,
* might fail several times
*/
ret = fdt_setprop(blob, noffset, prop_name, buf, size);
- if (ret)
- return -FDT_ERR_NOSPACE;
free(buf);
BN_free(tmp);
BN_free(big2);
BN_free(big32);
BN_free(big2_32);
- return ret;
+ return ret ? -FDT_ERR_NOSPACE : 0;
}
int rsa_add_verify_data(struct image_sign_info *info, void *keydest)