From bcbad8b05c7f9072cadd3d3ebef2992196b73801 Mon Sep 17 00:00:00 2001 From: Alexander Bulekov Date: Fri, 17 Jul 2020 12:35:23 -0400 Subject: fuzz: Fix leak when assembling datadir path string We freed the string containing the final datadir path, but did not free the path to the executable's directory that we get from g_path_get_dirname(). Fix that. Reported-by: Thomas Huth Signed-off-by: Alexander Bulekov Message-Id: <20200717163523.1591-1-alxndr@bu.edu> Signed-off-by: Thomas Huth --- tests/qtest/fuzz/fuzz.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'tests/qtest') diff --git a/tests/qtest/fuzz/fuzz.c b/tests/qtest/fuzz/fuzz.c index 6bc17ef..031594a 100644 --- a/tests/qtest/fuzz/fuzz.c +++ b/tests/qtest/fuzz/fuzz.c @@ -143,7 +143,7 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char ***envp) { char *target_name; - char *dir; + char *bindir, *datadir; bool serialize = false; /* Initialize qgraph and modules */ @@ -164,11 +164,13 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char ***envp) * location of the executable. Using this we add exec_dir/pc-bios to * the datadirs. */ - dir = g_build_filename(g_path_get_dirname(**argv), "pc-bios", NULL); - if (g_file_test(dir, G_FILE_TEST_IS_DIR)) { - qemu_add_data_dir(dir); + bindir = g_path_get_dirname(**argv); + datadir = g_build_filename(bindir, "pc-bios", NULL); + g_free(bindir); + if (g_file_test(datadir, G_FILE_TEST_IS_DIR)) { + qemu_add_data_dir(datadir); } - g_free(dir); + g_free(datadir); } else if (*argc > 1) { /* The target is specified as an argument */ target_name = (*argv)[1]; if (!strstr(target_name, "--fuzz-target=")) { -- cgit v1.1