On failure of json_alloc_token(), json_parse() can return without freeing
'str' previously allocated by json_parse_string(). Fix this adding proper
call to os_free().
Signed-off-by: Davide Caratti <davide.caratti@xxxxxxxxx>
---
src/utils/json.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/utils/json.c b/src/utils/json.c
index 3e5e21477..9da448879 100644
--- a/src/utils/json.c
+++ b/src/utils/json.c
@@ -300,8 +300,10 @@ struct json_token * json_parse(const char *data, size_t data_len)
goto fail;
if (!curr_token) {
token = json_alloc_token(&tokens);
- if (!token)
+ if (!token) {
+ os_free(str);
goto fail;
+ }
token->type = JSON_STRING;
token->string = str;
token->state = JSON_COMPLETED;
--
2.23.0
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
