diff options
| author | Tomas Vanek <vanekt@fbl.cz> | 2020-03-13 15:34:47 +0100 |
|---|---|---|
| committer | Oleksij Rempel <linux@rempel-privat.de> | 2020-04-20 18:26:58 +0100 |
| commit | 3c296bd19480033037f4e3f2db4a876a34a41f58 (patch) | |
| tree | fdcc3bf67b88d2aa178bcb3544f338a14f82e9da /src | |
| parent | 6dcd255b7bde5d7d3a8805c3a0e81f5edf42ccf4 (diff) | |
| download | riscv-openocd-3c296bd19480033037f4e3f2db4a876a34a41f58.zip riscv-openocd-3c296bd19480033037f4e3f2db4a876a34a41f58.tar.gz riscv-openocd-3c296bd19480033037f4e3f2db4a876a34a41f58.tar.bz2 | |
jtag/drivers/ulink: fix clang static analyzer warnings
scan-build-9:
Description: Potential leak of memory pointed to by 'cmd'
File: /home/vanekt/openocd/scanbuild9/../src/jtag/drivers/ulink.c
Line: 1075
Description: Potential leak of memory pointed to by 'cmd'
File: /home/vanekt/openocd/scanbuild9/../src/jtag/drivers/ulink.c
Line: 1275
ulink_append_xxx_cmd() functions allocate memory for cmd
and then call ulink_allocate_payload(), which allocates cmd->payload_out
or cmd->payload_in.
ulink_append_queue() checks the size of queue and if the new payload
does not fit, calls ulink_execute_queued_commands() and then
ulink_post_process_queue(). If any of these two fails, an error is
returned, allocated cmd struct leaks and the queue is left in an undefined
state.
Change ulink_append_queue() flow to proceed to appending cmd to the queue
even in the case of fail in previous ulink_execute_queued_commands()
or ulink_post_process_queue(). In case of fail then clear the queue
including the last appended cmd.
Change-Id: I967c07af19e9020c93bcb4ef403cf1f557dd1db1
Signed-off-by: Tomas Vanek <vanekt@fbl.cz>
Reviewed-on: http://openocd.zylin.com/5370
Tested-by: jenkins
Reviewed-by: Oleksij Rempel <linux@rempel-privat.de>
Diffstat (limited to 'src')
| -rw-r--r-- | src/jtag/drivers/ulink.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/src/jtag/drivers/ulink.c b/src/jtag/drivers/ulink.c index 4066d61..c6683ab 100644 --- a/src/jtag/drivers/ulink.c +++ b/src/jtag/drivers/ulink.c @@ -650,7 +650,7 @@ void ulink_clear_queue(struct ulink *device) int ulink_append_queue(struct ulink *device, struct ulink_cmd *ulink_cmd) { int newsize_out, newsize_in; - int ret; + int ret = ERROR_OK; newsize_out = ulink_get_queue_size(device, PAYLOAD_DIRECTION_OUT) + 1 + ulink_cmd->payload_out_size; @@ -663,14 +663,12 @@ int ulink_append_queue(struct ulink *device, struct ulink_cmd *ulink_cmd) /* New command does not fit. Execute all commands in queue before starting * new queue with the current command as first entry. */ ret = ulink_execute_queued_commands(device, USB_TIMEOUT); - if (ret != ERROR_OK) - return ret; - ret = ulink_post_process_queue(device); - if (ret != ERROR_OK) - return ret; + if (ret == ERROR_OK) + ret = ulink_post_process_queue(device); - ulink_clear_queue(device); + if (ret == ERROR_OK) + ulink_clear_queue(device); } if (device->queue_start == NULL) { @@ -687,7 +685,10 @@ int ulink_append_queue(struct ulink *device, struct ulink_cmd *ulink_cmd) device->queue_end = ulink_cmd; } - return ERROR_OK; + if (ret != ERROR_OK) + ulink_clear_queue(device); + + return ret; } /** |