On Wed, Dec 13, 2023 at 10:25:13PM +0000, Alec Brown wrote: > In grub-core/gfxmenu/gui_image.c, coverity detected a double free in the > function load_image(). The function checks if self->bitmap and > self->raw_bitmap > aren't NULL and then frees them. In the case self->bitmap and self->raw_bitmap > are the same, only self->raw_bitmap is freed which would also free the memory > used by self->bitmap. However, in this case self->bitmap isn't being set to > NULL > which could lead to a double free later in the code. After self->raw_bitmap is > freed, it gets set to the variable bitmap. If this variable is NULL, the code > could have a path that would free self->bitmap a second time in the function > rescale_image(). > > Fixes: CID 292472 > > Signed-off-by: Alec Brown <alec.r.br...@oracle.com>
Reviewed-by: Daniel Kiper <daniel.ki...@oracle.com> Daniel _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
