set_global_var_parse_kv() should pass the pointer from strdup()

A comment says that the caller should free k_out, but the pointer passed via k_out is not the same pointer we received from strdup(). Instead, it is a pointer into the region we received from strdup(). The free function should always be called with the original pointer, so this is likely a bug. We solve this by calling `strdup()` a second time and then freeing the original pointer. Coverity reported this as a memory leak. Reviewed-by: Neal Gompa <ngompa@datto.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu> Closes openzfs#13867
tonyhutter · Nov 22, 2022 · 0161578 · 0161578
1 parent 518de85
commit 0161578
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/lib/libzpool/util.c b/lib/libzpool/util.c
@@ -173,12 +173,13 @@ set_global_var_parse_kv(const char *arg, char **k_out, u_longlong_t *v_out)
 		goto err_free;
 	}
 
-	*k_out = k;
+	*k_out = strdup(k);
 	*v_out = val;
+	free(d);
 	return (0);
 
 err_free:
-	free(k);
+	free(d);
 
 	return (err);
 }