Hi Sasha. On Fri, Jan 26, 2018 at 08:42:27PM +0100, Sascha Hauer wrote: > "path" is allocated by normalise_path() and thus must be > freed. This was done in the error path, but not in the success > path. > > Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx> > --- > fs/fs.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/fs.c b/fs/fs.c > index 6f15e93ba9..7d0d97906d 100644 > --- a/fs/fs.c > +++ b/fs/fs.c > @@ -1392,6 +1392,8 @@ int mount(const char *device, const char *fsname, const char *_path, > fsdev_set_linux_rootarg(fsdev, str); > } > > + free(path); > + > return 0; > > err_no_driver: An out: label so we only called free once was also an option. Both patterns are used in this file - so either should be OK. While browsing this file I think there is a few similar cases involving normalise_path(): automount_remove() path is assigned, but never freed. automount_add() am is allocated, but not freed if we return -ENOTDIR. And thus all of path, cmd, and am is leaked I also noticed: opendir() No check for PTR_ERR after calling canonalize_path() unlink() No check for PTR_ERR after call to canonalize_dir() readlink() No check for PTR_ERR after call to canonalize_dir() I can create patch for these - but I cannot do any thrustworthy testing. And for the canonalize() I am uncertain if the check is requied. Let me know your preference and I will take care. Sam _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox