From 64cd2f21edfee11451768b0e793801d28752532e Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Thu, 7 Dec 2023 14:14:21 +0000
Subject: [PATCH] Fix potential double-free in calloc selftest

Where calloc returns two references to the same buffer, avoid calling
free() on both references by setting one to NULL.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 programs/test/selftest.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index 61dde5ed1..e132e4c0c 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -79,6 +79,7 @@ static int calloc_self_test(int verbose)
         if (verbose) {
             mbedtls_printf("  CALLOC(0,1): passed (same non-null)\n");
         }
+        empty2 = NULL;
     } else {
         if (verbose) {
             mbedtls_printf("  CALLOC(0,1): passed (distinct non-null)\n");
@@ -103,6 +104,7 @@ static int calloc_self_test(int verbose)
         if (verbose) {
             mbedtls_printf("  CALLOC(1,0): passed (same non-null)\n");
         }
+        empty2 = NULL;
     } else {
         if (verbose) {
             mbedtls_printf("  CALLOC(1,0): passed (distinct non-null)\n");
@@ -119,6 +121,7 @@ static int calloc_self_test(int verbose)
             mbedtls_printf("  CALLOC(1): failed (same buffer twice)\n");
         }
         ++failures;
+        buffer2 = NULL;
     } else {
         if (verbose) {
             mbedtls_printf("  CALLOC(1): passed\n");