From: Andrei Borzenkov Date: Sat, 16 Jan 2016 18:27:57 +0000 (+0300) Subject: tftp: fix memory leaks in open X-Git-Tag: 2.02-beta3~72 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=77002c65d3532384682dd1ac861f4349089c5704;p=thirdparty%2Fgrub.git tftp: fix memory leaks in open If protocol open fails, file is immediately freed, so data was leaked. Found by: Coverity scan. CID: 96659 --- diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c index 1319671ff..7d90bf66e 100644 --- a/grub-core/net/tftp.c +++ b/grub-core/net/tftp.c @@ -326,7 +326,10 @@ tftp_open (struct grub_file *file, const char *filename) grub_netbuff_reserve (&nb, 1500); err = grub_netbuff_push (&nb, sizeof (*tftph)); if (err) - return err; + { + grub_free (data); + return err; + } tftph = (struct tftphdr *) nb.data; @@ -361,19 +364,26 @@ tftp_open (struct grub_file *file, const char *filename) err = grub_netbuff_unput (&nb, nb.tail - (nb.data + hdrlen)); if (err) - return err; + { + grub_free (data); + return err; + } file->not_easily_seekable = 1; file->data = data; data->pq = grub_priority_queue_new (sizeof (struct grub_net_buff *), cmp); if (!data->pq) - return grub_errno; + { + grub_free (data); + return grub_errno; + } err = grub_net_resolve_address (file->device->net->server, &addr); if (err) { destroy_pq (data); + grub_free (data); return err; } @@ -383,6 +393,7 @@ tftp_open (struct grub_file *file, const char *filename) if (!data->sock) { destroy_pq (data); + grub_free (data); return grub_errno; } @@ -396,6 +407,7 @@ tftp_open (struct grub_file *file, const char *filename) { grub_net_udp_close (data->sock); destroy_pq (data); + grub_free (data); return err; } grub_net_poll_cards (GRUB_NET_INTERVAL + (i * GRUB_NET_INTERVAL_ADDITION), @@ -412,6 +424,7 @@ tftp_open (struct grub_file *file, const char *filename) { grub_net_udp_close (data->sock); destroy_pq (data); + grub_free (data); return grub_errno; }