Static analysis reported that info.name (allocated via strdup() in fit_image_setup_sig()) is not freed in two functions:
1. fit_image_process_sig(): info.name leaked on error path and success path 2. fit_config_process_sig(): info.name leaked on error path and success path Fix: add free(info.name) in both error paths (after fit_image_setup_sig() failure) and at the end of successful execution paths. Signed-off-by: Anton Moryakov <[email protected]> --- tools/image-host.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/image-host.c b/tools/image-host.c index 8b550af0dc1..1573adecc33 100644 --- a/tools/image-host.c +++ b/tools/image-host.c @@ -245,6 +245,7 @@ static int fit_image_process_sig(const char *keydir, const char *keyfile, if (fit_image_setup_sig(&info, keydir, keyfile, fit, image_name, noffset, require_keys ? "image" : NULL, engine_id, algo_name)) + free(info.name); return -1; node_name = fit_get_name(fit, noffset, NULL); @@ -272,6 +273,7 @@ static int fit_image_process_sig(const char *keydir, const char *keyfile, return -1; } free(value); + free(info.name); /* Get keyname again, as FDT has changed and invalidated our pointer */ info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); @@ -1094,6 +1096,7 @@ static int fit_config_process_sig(const char *keydir, const char *keyfile, if (fit_image_setup_sig(&info, keydir, keyfile, fit, conf_name, noffset, require_keys ? "conf" : NULL, engine_id, algo_name)) + free(info.name); return -1; ret = info.crypto->sign(&info, region, region_count, &value, @@ -1122,6 +1125,7 @@ static int fit_config_process_sig(const char *keydir, const char *keyfile, } free(value); free(region_prop); + free(info.name); /* Get keyname again, as FDT has changed and invalidated our pointer */ info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); -- 2.39.2
