[igt-dev] [PATCH i-g-t] tools/intel_reg: fix use-after-free bug in register spec read
Jani Nikula
jani.nikula at intel.com
Wed Aug 21 13:09:28 UTC 2019
e points into the buffer pointer to by p.
Fixes: dfda0b6aecce ("intel_reg: introduce one intel_reg tool to rule them all")
Signed-off-by: Jani Nikula <jani.nikula at intel.com>
---
tools/intel_reg_spec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/intel_reg_spec.c b/tools/intel_reg_spec.c
index 0df69b6884de..5ab56ec1a31f 100644
--- a/tools/intel_reg_spec.c
+++ b/tools/intel_reg_spec.c
@@ -233,9 +233,9 @@ static int parse_line(struct reg *reg, const char *line)
reg->name = p;
} else if (i == 2) {
reg->addr = strtoul(p, &e, 16);
- free(p);
if (*e)
ret = -1;
+ free(p);
} else if (i == 3) {
ret = parse_port_desc(reg, p);
free(p);
--
2.20.1
More information about the igt-dev
mailing list