efi/libstub: Free correct pointer on failure

commit 06d39d79cbd5a91a33707951ebf2512d0e759847 upstream.

cmdline_ptr is an out parameter, which is not allocated by the function
itself, and likely points into the caller's stack.

cmdline refers to the pool allocation that should be freed when cleaning
up after a failure, so pass this instead to free_pool().

Fixes: 42c8ea3dca09 ("efi: libstub: Factor out EFI stub entrypoint ...")
Cc: <stable@vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/firmware/efi/libstub/efi-stub.c b/drivers/firmware/efi/libstub/efi-stub.c
index c5732fb5a56545b11a7371e801209f07faeeeb93..ec01b7d3b6d4d5ce087748ec308accda2bbcbdd4 100644 (file)
--- a/drivers/firmware/efi/libstub/efi-stub.c
+++ b/drivers/firmware/efi/libstub/efi-stub.c
@@ -149,7 +149,7 @@ efi_status_t efi_handle_cmdline(efi_loaded_image_t *image, char **cmdline_ptr)
        return EFI_SUCCESS;
 
 fail_free_cmdline:
-       efi_bs_call(free_pool, cmdline_ptr);
+       efi_bs_call(free_pool, cmdline);
        return status;
 }