On Tue, Jul 14, 2020 at 06:42:57PM +0200, Philippe Mathieu-Daudé wrote: > The value returned by qemu_find_file() must be freed. > > This fixes Coverity issue CID 1430449, which points out > that the memory returned by qemu_find_file() is leaked. > > Fixes: Coverity CID 1430449 (RESOURCE_LEAK) > Fixes: 7dd8f6fde4 ('hw/avr: Add support for loading ELF/raw binaries') > Signed-off-by: Philippe Mathieu-Daudé <f4...@amsat.org> > --- > hw/avr/boot.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/hw/avr/boot.c b/hw/avr/boot.c > index 6fbcde4061..151734f82d 100644 > --- a/hw/avr/boot.c > +++ b/hw/avr/boot.c > @@ -60,7 +60,7 @@ static const char *avr_elf_e_flags_to_cpu_type(uint32_t > flags) > bool avr_load_firmware(AVRCPU *cpu, MachineState *ms, > MemoryRegion *program_mr, const char *firmware) > { > - const char *filename; > + g_autofree char *filename;
Any variable marked g_autofree or g_auto must always be initialized to NULL otherwise there's risk of free'ing uninitialized data. Even if currently safe, any later refactoring could turn it into a bug. So iff "= NULL" is added: Reviewed-by: Daniel P. Berrangé <berra...@redhat.com> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|