[PATCH] libebgenv: Only release CONFIG_PART::mountpoint early on errors

5 views
Skip to first unread message

Jan Kiszka

unread,
Aug 5, 2025, 10:03:11 AMAug 5
to EFI Boot Guard, Ingo Rah, Felix Moessbauer, Michael Adler
From: Jan Kiszka <jan.k...@siemens.com>

This fixes a regression caused by premature cleanup: If
probe_config_file() ran successfully and found an already mounted
partition, its mountpoint must not be released yet. bgenv_finalize()
will take care of that.

However, if probe_config_file() failed, it must free any previously
created mountpoint string prior to returning. That is what c2be7c1b95b4
was actually trying to resolve.

Reported-by: Ingo Rah <ingo...@linutronix.de>
Fixes: c2be7c1b95b4 ("libebgenv: fix memory leak in partition probing")
Signed-off-by: Jan Kiszka <jan.k...@siemens.com>
---
env/env_config_file.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/env/env_config_file.c b/env/env_config_file.c
index b0cf043..03c618a 100644
--- a/env/env_config_file.c
+++ b/env/env_config_file.c
@@ -85,7 +85,7 @@ bool probe_config_file(CONFIG_PART *cfgpart)
}
if (do_unmount) {
unmount_partition(cfgpart);
- } else {
+ } else if (!result) {
free(cfgpart->mountpoint);
cfgpart->mountpoint = NULL;
}
--
2.43.0

Jan Kiszka

unread,
Aug 12, 2025, 5:40:05 PMAug 12
to EFI Boot Guard, Ingo Rah, Felix Moessbauer, Michael Adler
From: Jan Kiszka <jan.k...@siemens.com>

This fixes a regression caused by premature cleanup: If
probe_config_file() ran successfully and found an already mounted
partition, its mountpoint must not be released yet. bgenv_finalize()
will take care of that.

However, if probe_config_file() failed, it must free any previously
created mountpoint string prior to returning. That is what c2be7c1b95b4
was actually trying to resolve.

But as we are no longer freeing in probe_config_file on success, we need
to free on errors in probe_config_partitions. This was found by coverity
after only changing probe_config_file.

Reported-by: Ingo Rah <ingo...@linutronix.de>
Fixes: c2be7c1b95b4 ("libebgenv: fix memory leak in partition probing")
Signed-off-by: Jan Kiszka <jan.k...@siemens.com>
---
env/env_config_file.c | 2 +-
env/env_config_partitions.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/env/env_config_file.c b/env/env_config_file.c
index b0cf043..03c618a 100644
--- a/env/env_config_file.c
+++ b/env/env_config_file.c
@@ -85,7 +85,7 @@ bool probe_config_file(CONFIG_PART *cfgpart)
}
if (do_unmount) {
unmount_partition(cfgpart);
- } else {
+ } else if (!result) {
free(cfgpart->mountpoint);
cfgpart->mountpoint = NULL;
}
diff --git a/env/env_config_partitions.c b/env/env_config_partitions.c
index 862c2bf..31ebf5e 100644
--- a/env/env_config_partitions.c
+++ b/env/env_config_partitions.c
@@ -149,6 +149,7 @@ bool probe_config_partitions(CONFIG_PART *cfgpart, bool search_all_devices)
cfgpart[count] = tmp;
} else {
free(tmp.devpath);
+ free(tmp.mountpoint);
VERBOSE(stderr,
"Error, there are "
"more than %d config "
--
2.43.0
Reply all
Reply to author
Forward
0 new messages