From: Anton Moryakov <ant.v.moryakov@gmail.com>
Date: Thu, 6 Feb 2025 21:47:59 +0000 (+0300)
Subject: lib: ecdsa: fix prevent memory leak in ecdsa_add_verify_data
X-Git-Tag: v2025.07-rc1~18^2~65
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9943015f1b39fcb2de16ee72f1599c342620c561;p=pandora-u-boot.git

lib: ecdsa: fix prevent memory leak in ecdsa_add_verify_data

- Ensure `free_ctx` is called in both error and success paths.
- Fix memory leak in `ctx.signature` when `do_add` fails."

Triggers found by static analyzer Svace.

Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
---

diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c
index 1c5dde60691..f0095e9dbcf 100644
--- a/lib/ecdsa/ecdsa-libcrypto.c
+++ b/lib/ecdsa/ecdsa-libcrypto.c
@@ -363,8 +363,10 @@ int ecdsa_add_verify_data(struct image_sign_info *info, void *fdt)
 	ret = prepare_ctx(&ctx, info);
 	if (ret >= 0) {
 		ret = do_add(&ctx, fdt, fdt_key_name, info);
-		if (ret < 0)
-			ret = ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
+		if (ret < 0) {
+			free_ctx(&ctx);
+			return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
+		}
 	}
 
 	free_ctx(&ctx);