From: Alec Brown Date: Wed, 4 Jun 2025 20:49:15 +0000 (+0000) Subject: regex: fix resource leak when searching X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bfac2392196fca77b4fcf1fd153037555a95eb64;p=thirdparty%2Fgnulib.git regex: fix resource leak when searching * lib/regex.c (merge_state_with_log): In this function, memory is allocated for the variable next_nodes when creating a union of the variables table_nodes and log_nodes. However, if next_state->entrance_nodes is NULL, table_nodes becomes NULL and we still allocate memory to copy the contents of log_nodes. This can cause a resource leak since we only free the memory for next_nodes if table_nodes isn't NULL. To prevent this, check that next_state->entrance_nodes isn't NULL before allocating memory for the union. This issue was found by a Coverity Scan of GRUB2 under the following CID: CID: 473887 Signed-off-by: Alec Brown Copyright-paperwork-exempt: Yes --- diff --git a/lib/regexec.c b/lib/regexec.c index c5ab9b6649..0d14ac35fe 100644 --- a/lib/regexec.c +++ b/lib/regexec.c @@ -2271,7 +2271,7 @@ merge_state_with_log (reg_errcode_t *err, re_match_context_t *mctx, these destinations and the results of the transition table. */ pstate = mctx->state_log[cur_idx]; log_nodes = pstate->entrance_nodes; - if (next_state != NULL) + if (next_state != NULL && next_state->entrance_nodes != NULL) { table_nodes = next_state->entrance_nodes; *err = re_node_set_init_union (&next_nodes, table_nodes,