From 0abcf3d717acc336a29d30120f164a7f2e9d60e4 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 2 Jun 2017 14:57:29 -0400
Subject: [PATCH 10/22] Fix a data leak on the failure path.

Covscan says:

Error: RESOURCE_LEAK (CWE-772): [#def17]
libsmbios-2.3.3/src/libsmbios_c/cmos/cmos_obj.c:76: alloc_fn: Storage is returned from allocation function "calloc".
libsmbios-2.3.3/src/libsmbios_c/cmos/cmos_obj.c:76: var_assign: Assigning: "toReturn" = storage returned from "calloc(1UL, 72UL)".
libsmbios-2.3.3/src/libsmbios_c/cmos/cmos_obj.c:88: noescape: Resource "toReturn" is not freed or pointed-to in "init_cmos_struct".
libsmbios-2.3.3/src/libsmbios_c/cmos/cmos_linux.c:54:55: noescape: "init_cmos_struct(struct cmos_access_obj *)" does not free or save its parameter "m".
libsmbios-2.3.3/src/libsmbios_c/cmos/cmos_obj.c:97: overwrite_var: Overwriting "toReturn" in "toReturn = NULL" leaks the storage that "toReturn" points to.

And it's right; none of the failure paths actually free toReturn, only
things it points to.

This patch removes a bogus comment and frees the memory correctly.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/libsmbios_c/cmos/cmos_obj.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/libsmbios_c/cmos/cmos_obj.c b/src/libsmbios_c/cmos/cmos_obj.c
index 04b81866a71..0b6c62544b2 100644
--- a/src/libsmbios_c/cmos/cmos_obj.c
+++ b/src/libsmbios_c/cmos/cmos_obj.c
@@ -91,9 +91,9 @@ LIBSMBIOS_C_DLL_SPEC struct cmos_access_obj *cmos_obj_factory(int flags, ...)
     if (ret==0)
         goto out;
 
-    // fail. init_cmos_* functions are responsible for free-ing memory if they
-    // return failure.
     toReturn->initialized = 0;
+    if (toReturn != &singleton)
+        free(toReturn);
     toReturn = 0;
 
 out:
-- 
2.14.3