From 388b66eb003d3026945992bd48f9180aff8b4f01 Mon Sep 17 00:00:00 2001
From: Tavian Barnes <tavianator@tavianator.com>
Date: Sat, 27 Feb 2016 12:31:10 -0500
Subject: Fix potential leaks in -lname.

---
 eval.c | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/eval.c b/eval.c
index 7d56f8d..81d2de7 100644
--- a/eval.c
+++ b/eval.c
@@ -315,36 +315,41 @@ bool eval_links(const struct expr *expr, struct eval_state *state) {
  * -i?lname test.
  */
 bool eval_lname(const struct expr *expr, struct eval_state *state) {
+	bool ret = false;
+	char *name = NULL;
+
 	struct BFTW *ftwbuf = state->ftwbuf;
 	if (ftwbuf->typeflag != BFTW_LNK) {
-		return false;
+		goto done;
 	}
 
 	const struct stat *statbuf = fill_statbuf(state);
 	if (!statbuf) {
-		return false;
+		goto done;
 	}
 
 	size_t size = statbuf->st_size + 1;
-	char *name = malloc(size);
+	name = malloc(size);
 	if (!name) {
 		eval_error(state);
-		return false;
+		goto done;
 	}
 
-	ssize_t ret = readlinkat(ftwbuf->at_fd, ftwbuf->at_path, name, size);
-	if (ret < 0) {
+	ssize_t len = readlinkat(ftwbuf->at_fd, ftwbuf->at_path, name, size);
+	if (len < 0) {
 		eval_error(state);
-		return false;
-	} else if (ret >= size) {
-		return false;
+		goto done;
+	} else if (len >= size) {
+		goto done;
 	}
 
-	name[ret] = '\0';
+	name[len] = '\0';
+
+	ret = fnmatch(expr->sdata, name, expr->idata) == 0;
 
-	bool match = fnmatch(expr->sdata, name, expr->idata) == 0;
+done:
 	free(name);
-	return match;
+	return ret;
 }
 
 /**
-- 
cgit v1.2.3