[PATCH] x86: fix BAD_FREE in get_efi_runtime_map()

Pingfan Liu piliu at redhat.com
Mon Oct 22 00:54:16 PDT 2018


If the err_out label is reached, address of a stack variable is passed to
free(). Fix it.

Signed-off-by: Pingfan Liu <piliu at redhat.com>
---
 kexec/arch/i386/x86-linux-setup.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kexec/arch/i386/x86-linux-setup.c b/kexec/arch/i386/x86-linux-setup.c
index 6c7d260..6cda12c 100644
--- a/kexec/arch/i386/x86-linux-setup.c
+++ b/kexec/arch/i386/x86-linux-setup.c
@@ -595,8 +595,8 @@ static int get_efi_runtime_map(struct efi_mem_descriptor **map)
 	closedir(dirp);
 	return nr_maps;
 err_out:
-	if (map)
-		free(map);
+	if (*map)
+		free(*map);
 	closedir(dirp);
 	return 0;
 }
-- 
2.7.4




More information about the kexec mailing list