diff options
author | Nick Child <nnac123@gmail.com> | 2021-08-11 11:02:31 -0400 |
---|---|---|
committer | Vasant Hegde <hegdevasant@linux.vnet.ibm.com> | 2021-09-09 13:10:48 +0530 |
commit | 7744e8ac4b5ad066fee21761f1696707127e0408 (patch) | |
tree | 803624cad57da30ca8e91265ce54384782d0fe88 /libstb/secvar | |
parent | 91650384becbeb320317f88721882ea55b4ede2f (diff) | |
download | skiboot-7744e8ac4b5ad066fee21761f1696707127e0408.zip skiboot-7744e8ac4b5ad066fee21761f1696707127e0408.tar.gz skiboot-7744e8ac4b5ad066fee21761f1696707127e0408.tar.bz2 |
secvar: Free md context on hash error
There were a few instances in `get_hash_to_verify` where NULL is
returned before unallocating the md context. This commit ensures that
this memory is properly freed before returning.
Signed-off-by: Nick Child <nick.child@ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
Diffstat (limited to 'libstb/secvar')
-rw-r--r-- | libstb/secvar/backend/edk2-compat-process.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/libstb/secvar/backend/edk2-compat-process.c b/libstb/secvar/backend/edk2-compat-process.c index bd7a0ab..770c370 100644 --- a/libstb/secvar/backend/edk2-compat-process.c +++ b/libstb/secvar/backend/edk2-compat-process.c @@ -643,7 +643,7 @@ static char *get_hash_to_verify(const char *key, const char *new_data, || key_equals(key, "dbx")) guid = EFI_IMAGE_SECURITY_DATABASE_GUID; else - return NULL; + goto out; /* Expand char name to wide character width */ varlen = strlen(key) * 2; @@ -672,7 +672,7 @@ static char *get_hash_to_verify(const char *key, const char *new_data, hash = zalloc(32); if (!hash) - return NULL; + goto out; rc = mbedtls_md_finish(&ctx, hash); if (rc) { free(hash); |