From: Daniel Golle <daniel@makrotopia.org>
Date: Fri, 27 Sep 2024 13:13:52 +0000 (+0100)
Subject: jail: seccomp-oci: fix uninitialized pointer read in error path
X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=f2d5031c4b6819007e04566e7daab8019c93be43;p=project%2Fprocd.git

jail: seccomp-oci: fix uninitialized pointer read in error path

The pointer to allocated memory 'filter' has not been assigned to
'prog->filter' when error path errout1 is used. Free 'filter' instead
of 'prog->filter' in that case.

Coverity CID 1520949 Uninitialized pointer read
Coverity CID 1521044 Resource leak
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---

diff --git a/jail/seccomp-oci.c b/jail/seccomp-oci.c
index 9ef43d1..c279fc1 100644
--- a/jail/seccomp-oci.c
+++ b/jail/seccomp-oci.c
@@ -422,7 +422,7 @@ struct sock_fprog *parseOCIlinuxseccomp(struct blob_attr *msg)
 	return prog;
 
 errout1:
-	free(prog->filter);
+	free(filter);
 errout2:
 	free(prog);
 	return NULL;