fiptool: Fix use after free

Commit 880b9e8b (Add padding at the end of the last entry) added code using toc_entry pointer, whose memory is already freed via variable buf. This causes enormous padding on openSUSE. Free the memory buffer only after padding is done. Signed-off-by: Andreas Färber <afaerber@suse.de>

fiptool: Fix use after free
Commit 880b9e8b (Add padding at the end of the last entry) added code using toc_entry pointer, whose memory is already freed via variable buf. This causes enormous padding on openSUSE. Free the memory buffer only after padding is done. Signed-off-by: Andreas Färber <afaerber@suse.de>
8e4cdd22 · Andreas Färber · f478253d · 8e4cdd22
Commit 8e4cdd22 authored 7 years ago by Andreas Färber
Hide whitespace changes
Inline Side-by-side

Showing

with 1 addition and 1 deletion
+1 -1
--- a/tools/fiptool/fiptool.c
+++ b/tools/fiptool/fiptool.c
@@ -543,7 +543,6 @@ static int pack_images(const char *filename, uint64_t toc_flags, unsigned long a
 		log_dbgx("Metadata size: %zu bytes", buf_size);

 	xfwrite(buf, buf_size, fp, filename);
-	free(buf);

 	if (verbose)
 		log_dbgx("Payload size: %zu bytes", payload_size);
@@ -566,6 +565,7 @@ static int pack_images(const char *filename, uint64_t toc_flags, unsigned long a
 	while (pad_size--)
 		fputc(0x0, fp);

+	free(buf);
 	fclose(fp);
 	return 0;
 }