CID1130011: Use after free in ich_descriptor_tool
Corresponding to flashrom svn r1771.
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Acked-by: Stefan Tauner <stefan.tauner@alumni.tuwien.ac.at>
diff --git a/util/ich_descriptors_tool/ich_descriptors_tool.c b/util/ich_descriptors_tool/ich_descriptors_tool.c
index c359913..00ad1f3 100644
--- a/util/ich_descriptors_tool/ich_descriptors_tool.c
+++ b/util/ich_descriptors_tool/ich_descriptors_tool.c
@@ -77,12 +77,13 @@
printf("Dumping %u bytes of the %s region from 0x%08x-0x%08x to %s... ",
file_len, region_names[i], base, limit, fn);
int fh = open(fn, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR);
- free(fn);
if (fh < 0) {
fprintf(stderr,
"ERROR: couldn't open(%s): %s\n", fn, strerror(errno));
+ free(fn);
exit(1);
}
+ free(fn);
ret = write(fh, &dump[base >> 2], file_len);
if (ret != file_len) {