diff options
| author | Luo Ji <ji.luo@nxp.com> | 2019-03-07 18:56:50 +0800 |
|---|---|---|
| committer | Luo Ji <ji.luo@nxp.com> | 2019-03-12 14:46:35 +0800 |
| commit | 6c5a2fc34ba08eb4c990ee9044fc1dfd9ecbd04f (patch) | |
| tree | b1eea1d9b7d4a87c0ab2e5a6133f0c35b5e305c5 /lib | |
| parent | eaab8f8e07d222b1c13e995352e99b8e4f9fe5fb (diff) | |
MA-14280 [coverity] Fix resource leak in libavb
Fix resource leak in libavb, coverity issue:
CID 5899691: Resource leak (RESOURCE_LEAK) leaked_storage: Variable
hash_out going out of scope leaks the storage it points to.
CID 5899689: Resource leak (RESOURCE_LEAK) leaked_storage: Variable
hash_buf going out of scope leaks the storage it points to.
CID 5899688: Uninitialized pointer read (UNINIT) uninit_use: Using
uninitialized value digest.
CID 5899692: Structurally dead code (UNREACHABLE) unreachable: This
code cannot be reached: goto out;
Test: Coverity scan pass.
Change-Id: If8e26fdd383c32a9160775006621830b42c0f07e
Signed-off-by: Luo Ji <ji.luo@nxp.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/avb/libavb/avb_slot_verify.c | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/lib/avb/libavb/avb_slot_verify.c b/lib/avb/libavb/avb_slot_verify.c index 5733f2fa6c..2ca4ff9bd3 100644 --- a/lib/avb/libavb/avb_slot_verify.c +++ b/lib/avb/libavb/avb_slot_verify.c @@ -201,6 +201,11 @@ static AvbSlotVerifyResult load_and_verify_hash_partition( size_t expected_digest_len = 0; uint8_t expected_digest_buf[AVB_SHA512_DIGEST_SIZE]; const uint8_t* expected_digest = NULL; +#if defined(CONFIG_IMX_TRUSTY_OS) && !defined(CONFIG_AVB_ATX) + uint8_t* hash_out = NULL; + uint8_t* hash_buf = NULL; +#endif + if (!avb_hash_descriptor_validate_and_byteswap( (const AvbHashDescriptor*)descriptor, &hash_desc)) { @@ -300,18 +305,18 @@ static AvbSlotVerifyResult load_and_verify_hash_partition( if (avb_strcmp((const char*)hash_desc.hash_algorithm, "sha256") == 0) { #if defined(CONFIG_IMX_TRUSTY_OS) && !defined(CONFIG_AVB_ATX) /* DMA requires cache aligned input/output buffer */ - uint8_t *hash_out = memalign(ARCH_DMA_MINALIGN, AVB_SHA256_DIGEST_SIZE); + hash_out = memalign(ARCH_DMA_MINALIGN, AVB_SHA256_DIGEST_SIZE); if (hash_out == NULL) { avb_error("failed to alloc memory!\n"); - return AVB_SLOT_VERIFY_RESULT_ERROR_OOM; + ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } uint32_t round_buf_size = ROUND(hash_desc.salt_len + hash_desc.image_size, ARCH_DMA_MINALIGN); - uint8_t *hash_buf = memalign(ARCH_DMA_MINALIGN, round_buf_size); + hash_buf = memalign(ARCH_DMA_MINALIGN, round_buf_size); if (hash_buf == NULL) { avb_error("failed to alloc memory!\n"); - return AVB_SLOT_VERIFY_RESULT_ERROR_OOM; + ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } @@ -331,6 +336,7 @@ static AvbSlotVerifyResult load_and_verify_hash_partition( digest = hash_out; free(hash_buf); + hash_buf = NULL; #else AvbSHA256Ctx sha256_ctx; avb_sha256_init(&sha256_ctx); @@ -389,8 +395,14 @@ static AvbSlotVerifyResult load_and_verify_hash_partition( out: #if defined(CONFIG_IMX_TRUSTY_OS) && !defined(CONFIG_AVB_ATX) - if (digest != NULL) - free(digest); + if (hash_out != NULL) { + free(hash_out); + hash_out = NULL; + } + if (hash_buf != NULL) { + free(hash_buf); + hash_buf = NULL; + } #endif /* If it worked and something was loaded, copy to slot_data. */ if ((ret == AVB_SLOT_VERIFY_RESULT_OK || result_should_continue(ret)) && |