efi: libstub: only free priv.runtime_map when allocated

priv.runtime_map is only allocated when efi_novamap is not set.
Otherwise, it is an uninitialized value.  In the error path, it is freed
unconditionally.  Avoid passing an uninitialized value to free_pool.
Free priv.runtime_map only when it was allocated.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Fixes: f80d26043af9 ("efi: libstub: avoid efi_get_memory_map() for allocating the virt map")
Cc: <stable@vger.kernel.org>
Signed-off-by: Hagar Hemdan <hagarhem@amazon.com>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

diff --git a/drivers/firmware/efi/libstub/fdt.c b/drivers/firmware/efi/libstub/fdt.c
index 70e9789ff9de0a2f2ebf7a443114ab6565ca2c1f..6a337f1f8787b3bc68f771500f9fcd4b44a7b4f7 100644 (file)
--- a/drivers/firmware/efi/libstub/fdt.c
+++ b/drivers/firmware/efi/libstub/fdt.c
@@ -335,8 +335,8 @@ fail_free_new_fdt:
 
 fail:
        efi_free(fdt_size, fdt_addr);
-
-       efi_bs_call(free_pool, priv.runtime_map);
+       if (!efi_novamap)
+               efi_bs_call(free_pool, priv.runtime_map);
 
        return EFI_LOAD_ERROR;
 }