From: Richard Maciel <[email protected]> Related to coverity CID 10311.
In some error cases the memory allocated wasn't being properly released, so I grouped all the release in the end of the function and make error cases point to the label there. Signed-off-by: Richard Maciel <[email protected]> --- src/tcs/tcs_evlog_imaem.c | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/src/tcs/tcs_evlog_imaem.c b/src/tcs/tcs_evlog_imaem.c index d905381..abc5282 100644 --- a/src/tcs/tcs_evlog_imaem.c +++ b/src/tcs/tcs_evlog_imaem.c @@ -244,14 +244,16 @@ ima_get_entry(FILE *handle, UINT32 pcr_index, UINT32 *num, TSS_PCR_EVENT **ppEve memcpy(&pcr_value, &page[ptr], sizeof(int)); if (pcr_index == (UINT32)pcr_value) { - event = calloc(1, sizeof(TSS_PCR_EVENT)); - event->ulPcrIndex = pcr_value; ptr += sizeof(int); /* This is the case where we're looking for a specific event number in a * specific PCR index. When we've reached the correct event, malloc * space for it, copy it in, then break out of the while loop */ if (ppEvent && seen_indices == *num) { /* grab this entry */ + event = calloc(1, sizeof(TSS_PCR_EVENT)); + event->ulPcrIndex = pcr_value; + event->rgbPcrValue = NULL; + event->rgbEvent = NULL; event->ulPcrValueLength = 20; event->rgbPcrValue = malloc(event->ulPcrValueLength); if (event->rgbPcrValue == NULL) { @@ -270,26 +272,22 @@ ima_get_entry(FILE *handle, UINT32 pcr_index, UINT32 *num, TSS_PCR_EVENT **ppEve char digest[20]; if (fread(&len, 1, sizeof(len), fp) != sizeof(len)) { - free(event); LogError("Failed to read event log file"); result = TCSERR(TSS_E_INTERNAL_ERROR); goto done; } if (len > EVLOG_FILENAME_MAXSIZE) { - free(event); LogError("Event log file name too big! Max size is %d", EVLOG_FILENAME_MAXSIZE); result = TCSERR(TSS_E_INTERNAL_ERROR); goto done; } memset(name, 0, EVLOG_FILENAME_MAXSIZE); if (fread(name, 1, len, fp) != len) { - free(event); LogError("Failed to read event log file"); result = TCSERR(TSS_E_INTERNAL_ERROR); goto done; } if (fread(digest, 1, sizeof(digest), fp) != sizeof(digest)) { - free(event); LogError("Failed to read event log file"); result = TCSERR(TSS_E_INTERNAL_ERROR); goto done; @@ -297,24 +295,19 @@ ima_get_entry(FILE *handle, UINT32 pcr_index, UINT32 *num, TSS_PCR_EVENT **ppEve } /* Get the template data namelen and data */ if (fread(&event->ulEventLength, 1, sizeof(int), fp) != sizeof(int)) { - free(event); LogError("Failed to read event log file"); result = TCSERR(TSS_E_INTERNAL_ERROR); goto done; } event->rgbEvent = malloc(event->ulEventLength + 1); if (event->rgbEvent == NULL) { - free(event->rgbPcrValue); LogError("malloc of %u bytes failed.", event->ulEventLength); - free(event); result = TCSERR(TSS_E_OUTOFMEMORY); goto done; } memset(event->rgbEvent, 0, event->ulEventLength); if (fread(event->rgbEvent, 1, event->ulEventLength, fp) != event->ulEventLength ) { - free(event->rgbPcrValue); - free(event); LogError("Failed to read event log file"); result = TCSERR(TSS_E_INTERNAL_ERROR); goto done; @@ -326,16 +319,12 @@ ima_get_entry(FILE *handle, UINT32 pcr_index, UINT32 *num, TSS_PCR_EVENT **ppEve } } if (fread(&len, 1, sizeof(len), fp) != sizeof(len)) { - free(event->rgbPcrValue); - free(event); LogError("Failed to read event log file"); result = TCSERR(TSS_E_INTERNAL_ERROR); goto done; } fseek(fp, len + 20, SEEK_CUR); if (fread(&len, 1, sizeof(len), fp) != sizeof(len)) { - free(event->rgbPcrValue); - free(event); LogError("Failed to read event log file"); result = TCSERR(TSS_E_INTERNAL_ERROR); goto done; @@ -344,6 +333,15 @@ ima_get_entry(FILE *handle, UINT32 pcr_index, UINT32 *num, TSS_PCR_EVENT **ppEve seen_indices++; } done: + if (result != TSS_SUCCESS) { + if (event != NULL) { + free(event->rgbPcrValue); + free(event->rgbEvent); + } + free(event); + event = NULL; + } + if (ppEvent == NULL) *num = seen_indices; -- 1.8.5.3 ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
