From 6b356651a3fdbb63531036941dd02fd60da5e52d Mon Sep 17 00:00:00 2001
From: Jerome Marchand <jmarchan@redhat.com>
Date: Thu, 6 Jun 2024 17:38:16 +0200
Subject: [PATCH 02/15] libtracefs: Prevent memory leak in append_filer()

The buffer containing the new filter isn't freed if we encounter an
error after it was allocated. Free tmp in the error path.

Fixes a RESSOURCE_LEAK error (CWE-772)

Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-3-jmarchan@redhat.com

Fixes: 24b856f0bcf3d ("libtracefs: Add filter creating and verify API")
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
 src/tracefs-filter.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/tracefs-filter.c b/src/tracefs-filter.c
index afe3338..1b1c60e 100644
--- a/src/tracefs-filter.c
+++ b/src/tracefs-filter.c
@@ -250,12 +250,12 @@ static int append_filter(char **filter, unsigned int *state,
 	case TRACEFS_COMPARE_NE: tmp = append_string(tmp, NULL, " != "); break;
 	case TRACEFS_COMPARE_RE:
 		if (!is_string)
-			goto inval;
+			goto free;
 		tmp = append_string(tmp, NULL, "~");
 		break;
 	default:
 		if (is_string)
-			goto inval;
+			goto free;
 	}
 
 	switch (compare) {
@@ -277,6 +277,8 @@ static int append_filter(char **filter, unsigned int *state,
 	*state = S_COMPARE;
 
 	return 0;
+free:
+	free(tmp);
 inval:
 	errno = EINVAL;
 	return -1;
-- 
2.45.2