grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

gazillon of double-free

From: Robert Millan
Subject: gazillon of double-free
Date: Thu, 9 Sep 2010 01:20:40 +0200 
It seems we have a ton of double-free bugs in label() and
uuid() routines.

Take for example grub_ext2_label():

  data = grub_ext2_mount (disk);
  if (data)
    *label = grub_strndup (data->sblock.volume_name, 14);
  else
    *label = NULL;
  grub_free (data);

If grub_ext2_mount fails, data is not allocated but we free it anyway.

Or perhaps I'm missing something? (it's late here, I need some sleep)

-- 
Robert Millan
reply via email to
[Prev in Thread] Current Thread [Next in Thread]