Coverity complains about double free in this function (CID 96690). This
happens here:
case TFTP_DATA:
...
while (cmp_block (grub_be_to_cpu16 (tftph->u.data.block), data->block +
1) == 0)
{
...
data->block++;
...
grub_netbuff_free (nb_top);
}
As far as I can tell, data->block is always incremented so condition in
while() loop can be true at most once (tftph is set outside of this
loop and so does not change). But Coverity does not know it so flags it
as double free.
In case I miss something non-obvious - what is the reason for this
loop? It had been added in cf8d6bbd but commit message does not really
explain why it was done. Code in question did not really change since
this commit, so even originally I do not understand what this change
did.
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
