1*4882a593SmuzhiyunFrom d06161b035dde4769199ad65aa0a587a5920012b Mon Sep 17 00:00:00 2001 2*4882a593SmuzhiyunFrom: Darren Kenny <darren.kenny@oracle.com> 3*4882a593SmuzhiyunDate: Fri, 22 Jan 2021 12:32:41 +0000 4*4882a593SmuzhiyunSubject: [PATCH] kern/parser: Fix resource leak if argc == 0 5*4882a593Smuzhiyun 6*4882a593SmuzhiyunAfter processing the command-line yet arriving at the point where we are 7*4882a593Smuzhiyunsetting argv, we are allocating memory, even if argc == 0, which makes 8*4882a593Smuzhiyunno sense since we never put anything into the allocated argv. 9*4882a593Smuzhiyun 10*4882a593SmuzhiyunThe solution is to simply return that we've successfully processed the 11*4882a593Smuzhiyunarguments but that argc == 0, and also ensure that argv is NULL when 12*4882a593Smuzhiyunwe're not allocating anything in it. 13*4882a593Smuzhiyun 14*4882a593SmuzhiyunThere are only 2 callers of this function, and both are handling a zero 15*4882a593Smuzhiyunvalue in argc assuming nothing is allocated in argv. 16*4882a593Smuzhiyun 17*4882a593SmuzhiyunFixes: CID 96680 18*4882a593Smuzhiyun 19*4882a593SmuzhiyunSigned-off-by: Darren Kenny <darren.kenny@oracle.com> 20*4882a593SmuzhiyunReviewed-by: Daniel Kiper <daniel.kiper@oracle.com> 21*4882a593SmuzhiyunSigned-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com> 22*4882a593Smuzhiyun--- 23*4882a593Smuzhiyun grub-core/kern/parser.c | 5 +++++ 24*4882a593Smuzhiyun 1 file changed, 5 insertions(+) 25*4882a593Smuzhiyun 26*4882a593Smuzhiyundiff --git a/grub-core/kern/parser.c b/grub-core/kern/parser.c 27*4882a593Smuzhiyunindex 619db31..d1cf061 100644 28*4882a593Smuzhiyun--- a/grub-core/kern/parser.c 29*4882a593Smuzhiyun+++ b/grub-core/kern/parser.c 30*4882a593Smuzhiyun@@ -146,6 +146,7 @@ grub_parser_split_cmdline (const char *cmdline, 31*4882a593Smuzhiyun int i; 32*4882a593Smuzhiyun 33*4882a593Smuzhiyun *argc = 0; 34*4882a593Smuzhiyun+ *argv = NULL; 35*4882a593Smuzhiyun do 36*4882a593Smuzhiyun { 37*4882a593Smuzhiyun if (!rd || !*rd) 38*4882a593Smuzhiyun@@ -207,6 +208,10 @@ grub_parser_split_cmdline (const char *cmdline, 39*4882a593Smuzhiyun (*argc)++; 40*4882a593Smuzhiyun } 41*4882a593Smuzhiyun 42*4882a593Smuzhiyun+ /* If there are no args, then we're done. */ 43*4882a593Smuzhiyun+ if (!*argc) 44*4882a593Smuzhiyun+ return 0; 45*4882a593Smuzhiyun+ 46*4882a593Smuzhiyun /* Reserve memory for the return values. */ 47*4882a593Smuzhiyun args = grub_malloc (bp - buffer); 48*4882a593Smuzhiyun if (!args) 49*4882a593Smuzhiyun-- 50*4882a593Smuzhiyun2.14.2 51*4882a593Smuzhiyun 52