lib/inflate.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-)
When inflate_codes() fails in inflate_dynamic(), the code jumps to the
'out' label which only frees 'll', leaking the Huffman tables 'tl' and
'td'. Restructure the code so that the decoding tables are always freed
before reaching the 'out' label.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/inflate.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/lib/inflate.c b/lib/inflate.c
index 5b1e70d0ce8c..ae704e4f64ec 100644
--- a/lib/inflate.c
+++ b/lib/inflate.c
@@ -1009,10 +1009,10 @@ DEBG("dyn5d ");
DEBG("dyn6 ");
/* decompress until an end-of-block code */
- if (inflate_codes(tl, td, bl, bd)) {
+ if (inflate_codes(tl, td, bl, bd))
ret = 1;
- goto out;
- }
+ else
+ ret = 0;
DEBG("dyn7 ");
@@ -1021,7 +1021,6 @@ DEBG("dyn7 ");
huft_free(td);
DEBG(">");
- ret = 0;
out:
free(ll);
return ret;
--
2.43.0Hi Josh,
On Fri, Mar 06, 2026 at 04:16:47PM +0000, Josh Law wrote:
> When inflate_codes() fails in inflate_dynamic(), the code jumps to the
> 'out' label which only frees 'll', leaking the Huffman tables 'tl' and
> 'td'. Restructure the code so that the decoding tables are always freed
> before reaching the 'out' label.
>
> Signed-off-by: Josh Law <objecting@objecting.org>
The change itself looks good.
However, IIRC, this isn't the first time I've complained about the
following checkpatch.pl warning:
WARNING: From:/Signed-off-by: email address mismatch: 'From: Josh Law <hlcj1234567@gmail.com>' != 'Signed-off-by: Josh Law <objecting@objecting.org>'
Regards,
Kuan-Wei
> ---
> lib/inflate.c | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/lib/inflate.c b/lib/inflate.c
> index 5b1e70d0ce8c..ae704e4f64ec 100644
> --- a/lib/inflate.c
> +++ b/lib/inflate.c
> @@ -1009,10 +1009,10 @@ DEBG("dyn5d ");
> DEBG("dyn6 ");
>
> /* decompress until an end-of-block code */
> - if (inflate_codes(tl, td, bl, bd)) {
> + if (inflate_codes(tl, td, bl, bd))
> ret = 1;
> - goto out;
> - }
> + else
> + ret = 0;
>
> DEBG("dyn7 ");
>
> @@ -1021,7 +1021,6 @@ DEBG("dyn7 ");
> huft_free(td);
>
> DEBG(">");
> - ret = 0;
> out:
> free(ll);
> return ret;
> --
> 2.43.0
>
>
7 Mar 2026 17:12:03 Kuan-Wei Chiu <visitorckw@gmail.com>:
> Hi Josh,
>
> On Fri, Mar 06, 2026 at 04:16:47PM +0000, Josh Law wrote:
>> When inflate_codes() fails in inflate_dynamic(), the code jumps to the
>> 'out' label which only frees 'll', leaking the Huffman tables 'tl' and
>> 'td'. Restructure the code so that the decoding tables are always freed
>> before reaching the 'out' label.
>>
>> Signed-off-by: Josh Law <objecting@objecting.org>
>
> The change itself looks good.
> However, IIRC, this isn't the first time I've complained about the
> following checkpatch.pl warning:
>
> WARNING: From:/Signed-off-by: email address mismatch: 'From: Josh Law <hlcj1234567@gmail.com>' != 'Signed-off-by: Josh Law <objecting@objecting.org>'
>
> Regards,
> Kuan-Wei
>
>> ---
>> lib/inflate.c | 7 +++----
>> 1 file changed, 3 insertions(+), 4 deletions(-)
>>
>> diff --git a/lib/inflate.c b/lib/inflate.c
>> index 5b1e70d0ce8c..ae704e4f64ec 100644
>> --- a/lib/inflate.c
>> +++ b/lib/inflate.c
>> @@ -1009,10 +1009,10 @@ DEBG("dyn5d ");
>> DEBG("dyn6 ");
>>
>> /* decompress until an end-of-block code */
>> - if (inflate_codes(tl, td, bl, bd)) {
>> + if (inflate_codes(tl, td, bl, bd))
>> ret = 1;
>> - goto out;
>> - }
>> + else
>> + ret = 0;
>>
>> DEBG("dyn7 ");
>>
>> @@ -1021,7 +1021,6 @@ DEBG("dyn7 ");
>> huft_free(td);
>>
>> DEBG(">");
>> - ret = 0;
>> out:
>> free(ll);
>> return ret;
>> --
>> 2.43.0
>>
>>
Hello Kuan, I did take your criticism and I fixed it, (by overriding the from: in the email to the from: in the changelog) but some things fall under the cracks sometimes, Andrew did fix it..
V/R
Josh law
© 2016 - 2026 Red Hat, Inc.