regex: fix resource leak when searching (ChangeLog entry)

author Paul Eggert <eggert@cs.ucla.edu>

Fri, 6 Jun 2025 06:35:33 +0000 (23:35 -0700)

committer Paul Eggert <eggert@cs.ucla.edu>

Fri, 6 Jun 2025 06:35:33 +0000 (23:35 -0700)
author Paul Eggert <eggert@cs.ucla.edu>
Fri, 6 Jun 2025 06:35:33 +0000 (23:35 -0700)
committer Paul Eggert <eggert@cs.ucla.edu>
Fri, 6 Jun 2025 06:35:33 +0000 (23:35 -0700)
diff --git a/ChangeLog b/ChangeLog

index e811cb496d7cf03682c15034f601bb9cc87f452b..b8590c159e9f0f989b2fc64344d18b7d16d58e87 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,19 @@
+2025-06-05  Alec Brown  <alec.r.brown@oracle.com>  (tiny change)
+
+       regex: fix resource leak when searching
+       * lib/regex.c (merge_state_with_log):
+       In this function, memory is allocated for the variable next_nodes when
+       creating a union of the variables table_nodes and log_nodes.
+       However, if next_state->entrance_nodes is NULL, table_nodes becomes
+       NULL and we still allocate memory to copy the contents of log_nodes.
+       This can cause a resource leak since we only free the memory for
+       next_nodes if table_nodes isn't NULL. To prevent this, check that
+       next_state->entrance_nodes isn't NULL before allocating memory
+       for the union.
+
+       This issue was found by a Coverity Scan of GRUB2 under the
+       following CID: CID: 473887
+
  2025-06-05  Paul Eggert  <eggert@cs.ucla.edu>
  
         regex: fix some leaks when pattern compilation fails
author	Paul Eggert <eggert@cs.ucla.edu>
	Fri, 6 Jun 2025 06:35:33 +0000 (23:35 -0700)
committer	Paul Eggert <eggert@cs.ucla.edu>
	Fri, 6 Jun 2025 06:35:33 +0000 (23:35 -0700)