From 45203e0ccbfaab5eafe3b6a7b8bb742182a83077 Mon Sep 17 00:00:00 2001
From: Heinrich Schuchardt <xypron.glpk@gmx.de>
Date: Tue, 30 Apr 2019 07:14:09 +0200
Subject: [PATCH] efi_loader: memory leak in append value

When printing an UEFI variable an error may arise while converting an
illegal hexadecimal value. In this case a buffer is leaked.

Close the memory leak. Provide an error message.

Reported-by: Coverity (CID 185830)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
 cmd/nvedit_efi.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cmd/nvedit_efi.c b/cmd/nvedit_efi.c
index e65b38dbf3..2805e8182b 100644
--- a/cmd/nvedit_efi.c
+++ b/cmd/nvedit_efi.c
@@ -291,8 +291,11 @@ static int append_value(char **bufp, size_t *sizep, char *data)
 		if (!tmp_buf)
 			return -1;
 
-		if (hex2bin((u8 *)tmp_buf, data, len) < 0)
+		if (hex2bin((u8 *)tmp_buf, data, len) < 0) {
+			printf("Error: illegal hexadecimal string\n");
+			free(tmp_buf);
 			return -1;
+		}
 
 		value = tmp_buf;
 	} else { /* string */
-- 
2.39.5