sumversion: Fix a memory leak in get_src_version()

strsep() modifies its first argument - buf.
An invalid pointer will be passed to the free() function.
Make the pointer passed to free() match the return value of
read_text_file().

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: 9413e7640564 ("kbuild: split the second line of *.mod into *.usyms")
Signed-off-by: Elena Salomatkina <esalomatkina@ispras.ru>
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>

diff --git a/scripts/mod/sumversion.c b/scripts/mod/sumversion.c
index e7d2da4..6de9af1 100644 (file)
--- a/scripts/mod/sumversion.c
+++ b/scripts/mod/sumversion.c
@@ -392,7 +392,7 @@ out_file:
 /* Calc and record src checksum. */
 void get_src_version(const char *modname, char sum[], unsigned sumlen)
 {
-       char *buf;
+       char *buf, *pos;
        struct md4_ctx md;
        char *fname;
        char filelist[PATH_MAX + 1];
@@ -401,9 +401,10 @@ void get_src_version(const char *modname, char sum[], unsigned sumlen)
        snprintf(filelist, sizeof(filelist), "%s.mod", modname);
 
        buf = read_text_file(filelist);
+       pos = buf;
 
        md4_init(&md);
-       while ((fname = strsep(&buf, "\n"))) {
+       while ((fname = strsep(&pos, "\n"))) {
                if (!*fname)
                        continue;
                if (!(is_static_library(fname)) &&