On 9/24/19 3:08 PM, Vladimir Sementsov-Ogievskiy wrote:
> fit_load_fdt forget to zero errp. Fix it.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy <vsement...@virtuozzo.com>
> Reviewed-by: Eric Blake <ebl...@redhat.com>
> ---
> hw/core/loader-fit.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/hw/core/loader-fit.c b/hw/core/loader-fit.c
> index 953b16bc82..11e4fad595 100644
> --- a/hw/core/loader-fit.c
> +++ b/hw/core/loader-fit.c
> @@ -201,6 +201,7 @@ static int fit_load_fdt(const struct fit_loader *ldr,
> const void *itb,
> if (err == -ENOENT) {
> load_addr = ROUND_UP(kernel_end, 64 * KiB) + (10 * MiB);
> error_free(*errp);
> + *errp = NULL;Actually, let's drop my R-b - I think we have a bigger bug here. We are blindly dereferencing *errp even if the caller passed in NULL. The correct way to write this function requires either the use of local_err or the addition of auto-propagation. (In v2, you still had this bug - your addition of error_free_errp(errp) would still blindly dereference *errp, unless you tweak the implementation of error_free_errp to tolerate a NULL pointer input) -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature
