[PATCH v3 2/5] OvmfPkg/X86QemuLoadImageLib: plug cmdline blob leak on success

Dov Murik

When QemuLoadKernelImage() ends successfully, the command-line blob is
not freed, even though it is not used elsewhere (its content is already
copied to KernelLoadedImage->LoadOptions). The memory leak bug was
introduced in commit 7c47d89003a6 ("OvmfPkg: implement QEMU loader
library for X86 with legacy fallback", 2020-03-05).

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Reported-by: Laszlo Ersek <lersek@redhat.com>
Fixes: 7c47d89003a6f8f7f6f0ce8ca7d3e87c630d14cc
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
---
OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c b/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c
index 1177582ab051..6b1e7e649014 100644
--- a/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c
+++ b/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c
@@ -446,14 +446,16 @@ QemuLoadKernelImage (
}=0D
=0D
*ImageHandle =3D KernelImageHandle;=0D
- return EFI_SUCCESS;=0D
+ Status =3D EFI_SUCCESS;=0D
=0D
FreeCommandLine:=0D
if (CommandLineSize > 0) {=0D
FreePool (CommandLine);=0D
}=0D
UnloadImage:=0D
- gBS->UnloadImage (KernelImageHandle);=0D
+ if (EFI_ERROR (Status)) {=0D
+ gBS->UnloadImage (KernelImageHandle);=0D
+ }=0D
=0D
return Status;=0D
}=0D
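Review bot: the new `if (EFI_ERROR (Status))` guard at the `UnloadImage:` label makes every error path's cleanup depend on `Status` already holding an error code when it jumps there; any `goto UnloadImage` or `goto FreeCommandLine` reached while `Status` is still EFI_SUCCESS (or not yet assigned) would now leak the loaded kernel image instead of unloading it. That part of the function is not visible in this hunk, so it is worth confirming each jump site assigns `Status` first. Since the two labels now also serve the success path (the old `return EFI_SUCCESS` became `Status = EFI_SUCCESS` and falls through), a one-line comment above `FreeCommandLine:` noting that the cleanup block runs on success as well, and that `CommandLine` may be freed because its contents were already copied into `KernelLoadedImage->LoadOptions`, would keep a future reader from "fixing" the fallthrough back into an early return.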
-- 
2.25.1
