iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

firmware: qcom: qseecom: fix memory leaks in error paths

Browse Source 
Fix instances of returning error codes directly instead of jumping to
the relevant labels where memory allocated for the SCM calls would be
freed.

Fixes: 759e7a2b62eb ("firmware: Add support for Qualcomm UEFI Secure Application")
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <error27@gmail.com>
Closes: https://lore.kernel.org/r/202311270828.k4HGcjiL-lkp@intel.com/
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Reviewed-by: Maximilian Luz <luzmaximilian@gmail.com>
Tested-by: Deepti Jaggi <quic_djaggi@quicinc.com> #sa8775p-ride
Link: https://lore.kernel.org/r/20231127141600.20929-2-brgl@bgdev.pl
Signed-off-by: Bjorn Andersson <andersson@kernel.org>
This commit is contained in:
Bartosz Golaszewski 2023-11-27 15:15:48 +01:00 committed by Bjorn Andersson
parent ff5fed86be
commit 6c57d7b593
1 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
drivers/firmware/qcom/qcom_qseecom_uefisecapp.c
View File

@ -325,8 +325,10 @@ static efi_status_t qsee_uefi_get_variable(struct qcuefi_client *qcuefi, const e
req_data->length = req_size;
status = ucs2_strscpy(((void *)req_data) + req_data->name_offset, name, name_length);
if (status < 0)
return EFI_INVALID_PARAMETER;
if (status < 0) {
efi_status = EFI_INVALID_PARAMETER;
goto out_free;
}
memcpy(((void *)req_data) + req_data->guid_offset, guid, req_data->guid_size);
@ -471,8 +473,10 @@ static efi_status_t qsee_uefi_set_variable(struct qcuefi_client *qcuefi, const e
req_data->length = req_size;
status = ucs2_strscpy(((void *)req_data) + req_data->name_offset, name, name_length);
if (status < 0)
return EFI_INVALID_PARAMETER;
if (status < 0) {
efi_status = EFI_INVALID_PARAMETER;
goto out_free;
}
memcpy(((void *)req_data) + req_data->guid_offset, guid, req_data->guid_size);
@ -563,8 +567,10 @@ static efi_status_t qsee_uefi_get_next_variable(struct qcuefi_client *qcuefi,
memcpy(((void *)req_data) + req_data->guid_offset, guid, req_data->guid_size);
status = ucs2_strscpy(((void *)req_data) + req_data->name_offset, name,
*name_size / sizeof(*name));
if (status < 0)
return EFI_INVALID_PARAMETER;
if (status < 0) {
efi_status = EFI_INVALID_PARAMETER;
goto out_free;
}
status = qcom_qseecom_app_send(qcuefi->client, req_data, req_size, rsp_data, rsp_size);
if (status) {
@ -635,7 +641,7 @@ static efi_status_t qsee_uefi_get_next_variable(struct qcuefi_client *qcuefi,
* have already been validated above, causing this function to
* bail with EFI_BUFFER_TOO_SMALL.
*/
return EFI_DEVICE_ERROR;
efi_status = EFI_DEVICE_ERROR;
}
out_free: