fix use-after-free in pci.ids parsing

If a device that is not in pci.ids has its name looked up after a device
that *was* present in pci.ids, these pointers are still set even though
they've been free'd, and then get passed to snprintf resulting in a
use-after-free.

diff --git a/nvme-models.c b/nvme-models.c
index e55e7b07c2d51558dd9d7bcc3ca4a17ae15cafc7..c2b16c336a03e7228355393b066a7d596fe6739a 100644 (file)
--- a/nvme-models.c
+++ b/nvme-models.c
@@ -32,11 +32,17 @@ static char *class_final;
 static void free_all(void)
 {
        free(device_top);
+       device_top = NULL;
        free(device_mid);
+       device_mid = NULL;
        free(device_final);
+       device_final = NULL;
        free(class_top);
+       class_top = NULL;
        free(class_mid);
+       class_mid = NULL;
        free(class_final);
+       class_final = NULL;
 }
 
 static char *find_data(char *data)