We are either allocating 2 or three array members. Unroll while loop

author florian <florian@openbsd.org>

Mon, 1 Jan 2018 08:55:43 +0000 (08:55 +0000)

committer florian <florian@openbsd.org>

Mon, 1 Jan 2018 08:55:43 +0000 (08:55 +0000)
author florian <florian@openbsd.org>
Mon, 1 Jan 2018 08:55:43 +0000 (08:55 +0000)
committer florian <florian@openbsd.org>
Mon, 1 Jan 2018 08:55:43 +0000 (08:55 +0000)
diff --git a/sys/kern/exec_script.c b/sys/kern/exec_script.c

index 0b9ae86..b6fd5be 100644 (file)
--- a/sys/kern/exec_script.c
+++ b/sys/kern/exec_script.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: exec_script.c,v 1.40 2017/02/11 19:51:06 guenther Exp $       */
+/*     $OpenBSD: exec_script.c,v 1.41 2018/01/01 08:55:43 florian Exp $        */
  /*     $NetBSD: exec_script.c,v 1.13 1996/02/04 02:15:06 christos Exp $        */
  
  /*
@@ -264,11 +264,13 @@ fail:
         pool_put(&namei_pool, epp->ep_ndp->ni_cnd.cn_pnbuf);
  
         /* free the fake arg list, because we're not returning it */
-       if ((tmpsap = shellargp) != NULL) {
-               while (*tmpsap != NULL) {
-                       free(*tmpsap, M_EXEC, 0);
-                       tmpsap++;
-               }
+       if (shellargp != NULL) {
+               free(shellargp[0], M_EXEC, shellnamelen + 1);
+               if (shellargp[2] != NULL) {
+                       free(shellargp[1], M_EXEC, shellarglen + 1);
+                       free(shellargp[2], M_EXEC, MAXPATHLEN);
+               } else
+                       free(shellargp[1], M_EXEC, MAXPATHLEN);
                 free(shellargp, M_EXEC, 4 * sizeof(char *));
         }
author	florian <florian@openbsd.org>
	Mon, 1 Jan 2018 08:55:43 +0000 (08:55 +0000)
committer	florian <florian@openbsd.org>
	Mon, 1 Jan 2018 08:55:43 +0000 (08:55 +0000)