Attention is currently required from: Edward O'Callaghan.
View Change
2 comments:
File flashrom.c:
Patch Set #15, Line 171: const struct programmer_cfg cfg = { .params = strdup(param) };
Where did the NULL check for `param` go? Why is strdup() needed now? And what if `strdup()` returns NULL?
Patch Set #15, Line 174: free(cfg.params);
Doesn't this result in use-after-free problems?
To view, visit change 66659. To unsubscribe, or for help writing mail filters, visit settings.
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: I778609e370e44ad2b63b8baa4984ac03ff4124d8
Gerrit-Change-Number: 66659
Gerrit-PatchSet: 15
Gerrit-Owner: Edward O'Callaghan <quasisec@chromium.org>
Gerrit-Reviewer: Anastasia Klimchuk <aklm@chromium.org>
Gerrit-Reviewer: Edward O'Callaghan <quasisec@chromium.org>
Gerrit-Reviewer: Felix Singer <felixsinger@posteo.net>
Gerrit-Reviewer: Thomas Heijligen <src@posteo.de>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Angel Pons <th3fanbus@gmail.com>
Gerrit-Attention: Edward O'Callaghan <quasisec@chromium.org>
Gerrit-Comment-Date: Tue, 13 Sep 2022 15:24:00 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment