From 25a45338751d8ed2f8bed7231380a4e8183e585c Mon Sep 17 00:00:00 2001 From: Vladimir 'phcoder' Serbinenko Date: Sat, 14 May 2011 22:26:52 +0200 Subject: [PATCH] Fix few potential memory misusage. * grub-core/font/font.c (load_font_index): Don't free char_index to avoid double free. --- ChangeLog | 7 +++++++ grub-core/font/font.c | 13 ++++++++----- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 01f216bfb..f316af0b1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2011-05-14 Vladimir Serbinenko + + Fix few potential memory misusage. + + * grub-core/font/font.c (load_font_index): Don't free char_index to + avoid double free. + 2011-05-14 Vladimir Serbinenko * docs/grub.texi (Installation): Fix several outdated claims. diff --git a/grub-core/font/font.c b/grub-core/font/font.c index ef6caf77b..26eac4c05 100644 --- a/grub-core/font/font.c +++ b/grub-core/font/font.c @@ -316,10 +316,7 @@ load_font_index (grub_file_t file, grub_uint32_t sect_length, struct return 1; font->bmp_idx = grub_malloc (0x10000 * sizeof (grub_uint16_t)); if (!font->bmp_idx) - { - grub_free (font->char_index); - return 1; - } + return 1; grub_memset (font->bmp_idx, 0xff, 0x10000 * sizeof (grub_uint16_t)); @@ -494,7 +491,7 @@ grub_font_load (const char *filename) #endif /* Allocate the font object. */ - font = (grub_font_t) grub_malloc (sizeof (struct grub_font)); + font = (grub_font_t) grub_zalloc (sizeof (struct grub_font)); if (!font) goto fail; @@ -640,6 +637,11 @@ grub_font_load (const char *filename) return 0; fail: + if (file) + grub_file_close (file); + if (font) + font->file = 0; + free_font (font); return 1; } @@ -799,6 +801,7 @@ free_font (grub_font_t font) grub_free (font->name); grub_free (font->family); grub_free (font->char_index); + grub_free (font->bmp_idx); grub_free (font); } }