OvmfPkg/GenericQemuLoadImageLib: plug cmdline blob leak on success

When QemuLoadKernelImage() ends successfully, the command-line blob is
not freed, even though it is not used elsewhere (its content is already
copied to KernelLoadedImage->LoadOptions).  The memory leak bug was
introduced in commit ddd2be6b0026 ("OvmfPkg: provide a generic
implementation of QemuLoadImageLib", 2020-03-05).

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Reported-by: Laszlo Ersek <lersek@redhat.com>
Fixes: ddd2be6b0026abcd0f819b3915fc80c3de81dd62
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Message-Id: <20210628105110.379951-2-dovmurik@linux.ibm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>

1 files changed, 4 insertions, 2 deletions

diff --git a/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c b/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
index 114db7e844..8a29976ae1 100644
--- a/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
+++ b/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
@@ -193,14 +193,16 @@ QemuLoadKernelImage (
   }

 

   *ImageHandle = KernelImageHandle;

-  return EFI_SUCCESS;

+  Status = EFI_SUCCESS;

 

 FreeCommandLine:

   if (CommandLineSize > 0) {

     FreePool (CommandLine);

   }

 UnloadImage:

-  gBS->UnloadImage (KernelImageHandle);

+  if (EFI_ERROR (Status)) {

+    gBS->UnloadImage (KernelImageHandle);

+  }

 

   return Status;

 }