If strdup() fails the error path access original address of pdata->files after it has been dereferenced. Make sure that pdata->files contains the up-to-date pointer before calling calling a function that could fail. This was flagged as ressource leak (CWE-772) because ptr isn't freed in that scenario, but there is something worse going on that the static analysis missed. Signed-off-by: Jerome Marchand <jmarchan@xxxxxxxxxx> --- lib/trace-cmd/trace-util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/trace-cmd/trace-util.c b/lib/trace-cmd/trace-util.c index b5002f1d..47ca3db1 100644 --- a/lib/trace-cmd/trace-util.c +++ b/lib/trace-cmd/trace-util.c @@ -279,11 +279,11 @@ static void add_plugin_file(struct tep_handle *pevent, const char *path, if (!ptr) goto out_free; + pdata->files = ptr; ptr[pdata->index] = strdup(name); if (!ptr[pdata->index]) goto out_free; - pdata->files = ptr; pdata->index++; pdata->files[pdata->index] = NULL; return; -- 2.44.0
|