Date: Wed, 16 Mar 2022 19:19:21 +0100
From: Daniel Kiper
To: Darren Kenny
Cc: grub-devel@gnu.org
Subject: Re: [PATCH 2/2] kern: Ensure that parser allocated memory is not leaked
Message-ID: <20220316181921.tlr2tsic7v4lnbjo@tomti.i.net-space.pl>
In-Reply-To: <179d782a3f2b4f177f6396612eb47da1fc7995ed.1647451397.git.darren.kenny@oracle.com>

On Wed, Mar 16, 2022 at 05:25:05PM +0000, Darren Kenny wrote:
> While it would appear unlikely that the memory allocated in *argv in
> grub_parser_split_cmdline() would be leaked, we should try ensure that
> it doesn't leak by calling grub_free() before we return from
> grub_rescue_parse_line().
>
> To avoid a possible double-free, grub_parser_split_cmdline() is being
> changed to assign *argv = NULL when we've called grub_free() in the fail
> section.
>
> Fixes: CID 96680
>
> Signed-off-by: Darren Kenny

Reviewed-by: Daniel Kiper

Daniel
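
The ownership pattern the quoted commit message describes, as an added example that is not part of the patch or of GRUB's source: the splitter frees its allocation on failure and resets the caller's pointer to NULL, so the caller can free unconditionally on every return path. split_cmdline() and parse_line() are hypothetical stand-ins for grub_parser_split_cmdline() and grub_rescue_parse_line(), using malloc()/free() in place of GRUB's allocator; treating a leading quote as a parse error is a constructed trigger for the failure path.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for grub_parser_split_cmdline(): one allocation
   holds the pointer array and a copy of the line. 0 on success, -1 on error. */
int split_cmdline(const char *line, int *argc, char ***argv)
{
    size_t len = strlen(line);
    size_t slots = len / 2 + 2;      /* max words plus the NULL terminator */
    char *buf;

    *argc = 0;
    *argv = malloc(slots * sizeof(char *) + len + 1);
    if (*argv == NULL)
        return -1;
    buf = (char *)(*argv + slots);
    memcpy(buf, line, len + 1);

    for (char *p = buf; *p != '\0'; ) {
        while (*p == ' ')
            *p++ = '\0';
        if (*p == '\0')
            break;
        if (*p == '"')               /* constructed error trigger: quotes unsupported */
            goto fail;
        (*argv)[(*argc)++] = p;
        while (*p != '\0' && *p != ' ')
            p++;
    }
    (*argv)[*argc] = NULL;
    return 0;

fail:
    free(*argv);
    *argv = NULL;                    /* caller's free() is now a no-op, not a double free */
    *argc = 0;
    return -1;
}

/* Hypothetical stand-in for grub_rescue_parse_line(): returns the word
   count, or -1 on a parse error. */
int parse_line(const char *line)
{
    int argc = 0, ret = -1;
    char **argv = NULL;

    if (split_cmdline(line, &argc, &argv) == 0)
        ret = argc;
    free(argv);                      /* one release point covers both outcomes */
    return ret;
}
```

Removing the `*argv = NULL;` line in the fail path turns the caller's free() into a second free of the same block, which a build with -fsanitize=address reports on the failing input.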