On Tue, Jul 14, 2020 at 06:42:57PM +0200, Philippe Mathieu-Daudé wrote:
> The value returned by qemu_find_file() must be freed.
>
> This fixes Coverity issue CID 1430449, which points out
> that the memory returned by qemu_find_file() is leaked.
>
> Fixes: Coverity CID 1430449 (RESOURCE_LEAK)
> Fixes: 7dd8f6fde4 ('hw/avr: Add support for loading ELF/raw binaries')
> Signed-off-by: Philippe Mathieu-Daudé <f4...@amsat.org>
> ---
> hw/avr/boot.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/avr/boot.c b/hw/avr/boot.c
> index 6fbcde4061..151734f82d 100644
> --- a/hw/avr/boot.c
> +++ b/hw/avr/boot.c
> @@ -60,7 +60,7 @@ static const char *avr_elf_e_flags_to_cpu_type(uint32_t
> flags)
> bool avr_load_firmware(AVRCPU *cpu, MachineState *ms,
> MemoryRegion *program_mr, const char *firmware)
> {
> - const char *filename;
> + g_autofree char *filename;
Any variable marked g_autofree or g_auto must always be initialized
to NULL otherwise there's risk of free'ing uninitialized data. Even
if currently safe, any later refactoring could turn it into a bug.
So iff "= NULL" is added:
Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
