[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SECURITY PATCH 14/28] multiboot2: Fix memory leak if grub_create_loader
From: |
Daniel Kiper |
Subject: |
[SECURITY PATCH 14/28] multiboot2: Fix memory leak if grub_create_loader_cmdline() fails |
Date: |
Wed, 29 Jul 2020 19:00:27 +0200 |
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Fixes: CID 292468
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/loader/multiboot_mbi2.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/grub-core/loader/multiboot_mbi2.c
b/grub-core/loader/multiboot_mbi2.c
index 18e766c7b..e88c9f488 100644
--- a/grub-core/loader/multiboot_mbi2.c
+++ b/grub-core/loader/multiboot_mbi2.c
@@ -1076,7 +1076,11 @@ grub_multiboot2_add_module (grub_addr_t start,
grub_size_t size,
err = grub_create_loader_cmdline (argc, argv, newmod->cmdline,
newmod->cmdline_size,
GRUB_VERIFY_MODULE_CMDLINE);
if (err)
- return err;
+ {
+ grub_free (newmod->cmdline);
+ grub_free (newmod);
+ return err;
+ }
if (modules_last)
modules_last->next = newmod;
--
2.11.0
- [SECURITY PATCH 04/28] calloc: Use calloc() at most places, (continued)
- [SECURITY PATCH 04/28] calloc: Use calloc() at most places, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 01/28] yylex: Make lexer fatal errors actually be fatal, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 05/28] malloc: Use overflow checking primitives where we do complex allocations, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 06/28] iso9660: Don't leak memory on realloc() failures, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 07/28] font: Do not load more than one NAME section, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 08/28] gfxmenu: Fix double free in load_image(), Daniel Kiper, 2020/07/29
- [SECURITY PATCH 10/28] json: Avoid a double-free when parsing fails., Daniel Kiper, 2020/07/29
- [SECURITY PATCH 11/28] lzma: Make sure we don't dereference past array, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 12/28] term: Fix overflow on user inputs, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 13/28] udf: Fix memory leak, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 14/28] multiboot2: Fix memory leak if grub_create_loader_cmdline() fails,
Daniel Kiper <=
- [SECURITY PATCH 15/28] tftp: Do not use priority queue, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 18/28] script: Remove unused fields from grub_script_function struct, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 19/28] script: Avoid a use-after-free when redefining a function during execution, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 22/28] lvm: Fix two more potential data-dependent alloc overflows, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 23/28] emu: Make grub_free(NULL) safe, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 24/28] efi: Fix some malformed device path arithmetic errors, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 25/28] efi/chainloader: Propagate errors from copy_file_path(), Daniel Kiper, 2020/07/29
- [SECURITY PATCH 26/28] efi: Fix use-after-free in halt/reboot path, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 27/28] loader/linux: Avoid overflow on initrd size calculation, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 28/28] linux: Fix integer overflows in initrd size handling, Daniel Kiper, 2020/07/29