From 152362bcb1586203a961622d069ce1007cf5222e Mon Sep 17 00:00:00 2001
From: Andrew Borodin <aborodin@vmail.ru>
Date: Sat, 21 Dec 2024 10:19:02 +0300
Subject: [PATCH] Ticket #4616: (tar_read_header): fix double free.

When tar data block unexpected end then header_copy get freed but
"goto ret:" freed header_copy again.

Do not free header_copy at exit from the loop of reading tar blocks.

Found by Clang-19 Static Analyzer.

The bug was introduced in 8223f82857bfb7d3a84214242da18061feb49315.

Reported-by: Andreas Mohr <and@gmx.li>
Signed-off-by: Andrew Borodin <aborodin@vmail.ru>
---
 src/vfs/tar/tar.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/vfs/tar/tar.c b/src/vfs/tar/tar.c
index 185c9f4b8..38e3af43f 100644
--- a/src/vfs/tar/tar.c
+++ b/src/vfs/tar/tar.c
@@ -680,7 +680,6 @@ tar_read_header (struct vfs_class *me, struct vfs_s_super *archive)
                 data_block = tar_find_next_block (arch);
                 if (data_block == NULL)
                 {
-                    g_free (header_copy);
                     message (D_ERROR, MSG_ERROR, _("Unexpected EOF on archive file"));
                     status = HEADER_FAILURE;
                     goto ret;