When printing an UEFI variable an error may arise while converting an illegal hexadecimal value. In this case a buffer is leaked.

Close the memory leak. Provide an error message.

Reported-by: Coverity (CID 185830) Signed-off-by: Heinrich Schuchardt xypron.glpk@gmx.de --- cmd/nvedit_efi.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cmd/nvedit_efi.c b/cmd/nvedit_efi.c index e65b38dbf3..2805e8182b 100644 --- a/cmd/nvedit_efi.c +++ b/cmd/nvedit_efi.c @@ -291,8 +291,11 @@ static int append_value(char **bufp, size_t *sizep, char *data) if (!tmp_buf) return -1;

- if (hex2bin((u8 *)tmp_buf, data, len) < 0) + if (hex2bin((u8 *)tmp_buf, data, len) < 0) { + printf("Error: illegal hexadecimal string\n"); + free(tmp_buf); return -1; + }

value = tmp_buf; } else { /* string */ -- 2.20.1