This is an automated email from Gerrit. Antonio Borneo ([email protected]) just uploaded a new patch set to Gerrit, which you can find at http://openocd.zylin.com/5692
-- gerrit commit ea13eb6f6bed8a0af49cf411db601dd3dba426f6 Author: Antonio Borneo <[email protected]> Date: Thu May 21 16:03:17 2020 +0200 jtag/tcl: fix memory leak in command 'irscan' If the function parse_u64() fails, we jump to return, thus leaking the memory just allocated in 'v'. Issue identified by clang. Move earlier the call to parse_u64() and the associated test, before memory allocation. While there, fix a possible NULL pointer dereferencing in case the calloc() fails, by testing for allocation failure. Change-Id: I6a77ee17aceb282bbdfefe7cdafeba2e0e7012f1 Signed-off-by: Antonio Borneo <[email protected]> diff --git a/src/jtag/tcl.c b/src/jtag/tcl.c index f52cbd6..f81b130 100644 --- a/src/jtag/tcl.c +++ b/src/jtag/tcl.c @@ -1129,14 +1129,19 @@ COMMAND_HANDLER(handle_irscan_command) return ERROR_FAIL; } - int field_size = tap->ir_length; - fields[i].num_bits = field_size; - uint8_t *v = calloc(1, DIV_ROUND_UP(field_size, 8)); - uint64_t value; retval = parse_u64(CMD_ARGV[i * 2 + 1], &value); if (ERROR_OK != retval) goto error_return; + + int field_size = tap->ir_length; + fields[i].num_bits = field_size; + uint8_t *v = calloc(1, DIV_ROUND_UP(field_size, 8)); + if (!v) { + LOG_ERROR("Out of memory"); + goto error_return; + } + buf_set_u64(v, 0, field_size, value); fields[i].out_value = v; fields[i].in_value = NULL; -- _______________________________________________ OpenOCD-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openocd-devel
