From f2d5031c4b6819007e04566e7daab8019c93be43 Mon Sep 17 00:00:00 2001
From: Daniel Golle <daniel@makrotopia.org>
Date: Fri, 27 Sep 2024 14:13:52 +0100
Subject: [PATCH] jail: seccomp-oci: fix uninitialized pointer read in error
 path

The pointer to allocated memory 'filter' has not been assigned to
'prog->filter' when error path errout1 is used. Free 'filter' instead
of 'prog->filter' in that case.

Coverity CID 1520949 Uninitialized pointer read
Coverity CID 1521044 Resource leak
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
 jail/seccomp-oci.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jail/seccomp-oci.c b/jail/seccomp-oci.c
index 9ef43d1..c279fc1 100644
--- a/jail/seccomp-oci.c
+++ b/jail/seccomp-oci.c
@@ -422,7 +422,7 @@ struct sock_fprog *parseOCIlinuxseccomp(struct blob_attr *msg)
 	return prog;
 
 errout1:
-	free(prog->filter);
+	free(filter);
 errout2:
 	free(prog);
 	return NULL;
-- 
2.30.2