From fee0938b44b66428409faeb674a206e38e58a39a Mon Sep 17 00:00:00 2001 From: deraadt Date: Sat, 27 Nov 2021 06:14:10 +0000 Subject: [PATCH] free() with nullptr is OK, but not if the size is unitialized, and the fail label is reachable before the sizes are known. --- sys/arch/powerpc64/dev/kexec.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/sys/arch/powerpc64/dev/kexec.c b/sys/arch/powerpc64/dev/kexec.c index 8673cad3cfb..bb106c7610a 100644 --- a/sys/arch/powerpc64/dev/kexec.c +++ b/sys/arch/powerpc64/dev/kexec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexec.c,v 1.5 2020/09/02 16:07:31 deraadt Exp $ */ +/* $OpenBSD: kexec.c,v 1.6 2021/11/27 06:14:10 deraadt Exp $ */ /* * Copyright (c) 2019-2020 Visa Hankala @@ -242,8 +242,10 @@ fail: km_free(symaddr, symsize, &kv_any, &kp_kexec); if (addr) km_free(addr, size, &kv_any, &kp_kexec); - free(sh, M_TEMP, shsize); - free(ph, M_TEMP, phsize); + if (sh) + free(sh, M_TEMP, shsize); + if (ph) + free(ph, M_TEMP, phsize); return error; } -- 2.20.1