Re: [PATCH ima-evm-utils] evmctl: fix memory leak in get_password

From: Bruno Meneguele <hidden>
Date: 2021-08-11 17:52:53

On Wed, Aug 11, 2021 at 01:31:49PM -0400, Mimi Zohar wrote:

On Wed, 2021-08-11 at 13:51 -0300, Bruno Meneguele wrote:

quoted

On Wed, Aug 11, 2021 at 10:52:00AM -0400, Mimi Zohar wrote:

quoted

-	return pwd;
+	return password;

Wouldn't a simpler fix be to test "pwd" here?
        if (!pwd)
                free(password);
        return pwd;

The problem is on success, when 'pwd' is actually not NULL.
With that, I can't free(password). I would need to asprintf(pwd, ...) or
strndup(password). Because of that, I thought it would be cleaner to
remove 'password' completely.

I see.  So instead of "return pwd" as suggested above,

        if (!pwd) {
                free(password);
                password = NULL;  <== set or return NULL
        }

        return password;

Ack. Will send a v2 with this change.

Thanks Mimi.

-- 
bmeneg 
PGP Key: http://bmeneg.com/pubkey.txt

Attachments

signature.asc [application/pgp-signature] 488 bytes

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help