git-svn: trunk@3064
Tomasz Kojm authored on 2007/05/26 08:10:58... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Sat May 26 00:31:10 CEST 2007 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav: fix some possible error path leaks by changing cli_realloc() |
|
4 |
+ to cli_realloc2() |
|
5 |
+ |
|
1 | 6 |
Fri May 25 21:39:53 CEST 2007 (tk) |
2 | 7 |
---------------------------------- |
3 | 8 |
* libclamav/others.[ch]: add cli_realloc2() |
... | ... |
@@ -791,7 +791,7 @@ static iconv_t iconv_open_cached(const unsigned char* fromcode) |
791 | 791 |
idx = cache->last++; |
792 | 792 |
if(idx >= cache->len) { |
793 | 793 |
cache->len += 16; |
794 |
- cache->tab = cli_realloc(cache->tab, cache->len*sizeof(cache->tab[0])); |
|
794 |
+ cache->tab = cli_realloc2(cache->tab, cache->len*sizeof(cache->tab[0])); |
|
795 | 795 |
if(!cache->tab) { |
796 | 796 |
cli_dbgmsg("!Out of mem in iconv-pool\n"); |
797 | 797 |
errno = ENOMEM; |
... | ... |
@@ -303,18 +303,18 @@ static void html_tag_arg_add(tag_arguments_t *tags, |
303 | 303 |
{ |
304 | 304 |
int len, i; |
305 | 305 |
tags->count++; |
306 |
- tags->tag = (unsigned char **) cli_realloc(tags->tag, |
|
306 |
+ tags->tag = (unsigned char **) cli_realloc2(tags->tag, |
|
307 | 307 |
tags->count * sizeof(char *)); |
308 | 308 |
if (!tags->tag) { |
309 | 309 |
goto abort; |
310 | 310 |
} |
311 |
- tags->value = (unsigned char **) cli_realloc(tags->value, |
|
311 |
+ tags->value = (unsigned char **) cli_realloc2(tags->value, |
|
312 | 312 |
tags->count * sizeof(char *)); |
313 | 313 |
if (!tags->value) { |
314 | 314 |
goto abort; |
315 | 315 |
} |
316 | 316 |
if(tags->scanContents) { |
317 |
- tags->contents= (blob **) cli_realloc(tags->contents, |
|
317 |
+ tags->contents= (blob **) cli_realloc2(tags->contents, |
|
318 | 318 |
tags->count*sizeof(*tags->contents)); |
319 | 319 |
if(!tags->contents) { |
320 | 320 |
goto abort; |
... | ... |
@@ -85,7 +85,7 @@ int cli_ac_addpatt(struct cli_matcher *root, struct cli_ac_patt *pattern) |
85 | 85 |
} |
86 | 86 |
|
87 | 87 |
root->ac_nodes++; |
88 |
- root->ac_nodetable = (struct cli_ac_node **) cli_realloc(root->ac_nodetable, root->ac_nodes * sizeof(struct cli_ac_node *)); |
|
88 |
+ root->ac_nodetable = (struct cli_ac_node **) cli_realloc2(root->ac_nodetable, root->ac_nodes * sizeof(struct cli_ac_node *)); |
|
89 | 89 |
if(!root->ac_nodetable) { |
90 | 90 |
cli_errmsg("cli_ac_addpatt: Can't realloc ac_nodetable\n"); |
91 | 91 |
if(next->trans) |
... | ... |
@@ -103,7 +103,7 @@ int cli_ac_addpatt(struct cli_matcher *root, struct cli_ac_patt *pattern) |
103 | 103 |
} |
104 | 104 |
|
105 | 105 |
root->ac_patterns++; |
106 |
- root->ac_pattable = (struct cli_ac_patt **) cli_realloc(root->ac_pattable, root->ac_patterns * sizeof(struct cli_ac_patt *)); |
|
106 |
+ root->ac_pattable = (struct cli_ac_patt **) cli_realloc2(root->ac_pattable, root->ac_patterns * sizeof(struct cli_ac_patt *)); |
|
107 | 107 |
if(!root->ac_pattable) { |
108 | 108 |
cli_errmsg("cli_ac_addpatt: Can't realloc ac_pattable\n"); |
109 | 109 |
return CL_EMEM; |
... | ... |
@@ -670,9 +670,9 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex |
670 | 670 |
*start++ = 0; |
671 | 671 |
|
672 | 672 |
new->alt++; |
673 |
- new->altn = (uint16_t *) cli_realloc(new->altn, new->alt * sizeof(uint16_t)); |
|
673 |
+ new->altn = (uint16_t *) cli_realloc2(new->altn, new->alt * sizeof(uint16_t)); |
|
674 | 674 |
new->altn[new->alt - 1] = 0; |
675 |
- new->altc = (unsigned char **) cli_realloc(new->altc, new->alt * sizeof(char *)); |
|
675 |
+ new->altc = (unsigned char **) cli_realloc2(new->altc, new->alt * sizeof(char *)); |
|
676 | 676 |
new->altc[new->alt - 1] = NULL; |
677 | 677 |
|
678 | 678 |
for(i = 0; i < strlen(pt); i++) |
... | ... |
@@ -869,7 +869,7 @@ static bitset_t *bitset_realloc(bitset_t *bs, unsigned long min_size) |
869 | 869 |
unsigned long new_length; |
870 | 870 |
|
871 | 871 |
new_length = nearest_power(min_size); |
872 |
- bs->bitset = (unsigned char *) cli_realloc(bs->bitset, new_length); |
|
872 |
+ bs->bitset = (unsigned char *) cli_realloc2(bs->bitset, new_length); |
|
873 | 873 |
if (!bs->bitset) { |
874 | 874 |
return NULL; |
875 | 875 |
} |
... | ... |
@@ -712,7 +712,7 @@ static int cli_loadhdb(FILE *fd, struct cl_engine **engine, unsigned int *signo, |
712 | 712 |
|
713 | 713 |
if(!found) { |
714 | 714 |
md5_sect->soff_len++; |
715 |
- md5_sect->soff = (uint32_t *) cli_realloc(md5_sect->soff, md5_sect->soff_len * sizeof(uint32_t)); |
|
715 |
+ md5_sect->soff = (uint32_t *) cli_realloc2(md5_sect->soff, md5_sect->soff_len * sizeof(uint32_t)); |
|
716 | 716 |
if(!md5_sect->soff) { |
717 | 717 |
cli_errmsg("cli_loadhdb: Can't realloc md5_sect->soff\n"); |
718 | 718 |
free(bm_new->pattern); |
... | ... |
@@ -1266,19 +1266,15 @@ int cl_statinidir(const char *dirname, struct cl_stat *dbstat) |
1266 | 1266 |
cli_strbcasestr(dent->d_name, ".cvd"))) { |
1267 | 1267 |
|
1268 | 1268 |
dbstat->entries++; |
1269 |
- dbstat->stattab = (struct stat *) cli_realloc(dbstat->stattab, dbstat->entries * sizeof(struct stat)); |
|
1269 |
+ dbstat->stattab = (struct stat *) cli_realloc2(dbstat->stattab, dbstat->entries * sizeof(struct stat)); |
|
1270 | 1270 |
if(!dbstat->stattab) { |
1271 |
- /* FIXME: Minor error path memleak here. Change the |
|
1272 |
- * behaviour of cli_realloc() to free old block on error |
|
1273 |
- * (and review all calls to cli_realloc()). |
|
1274 |
- */ |
|
1275 | 1271 |
cl_statfree(dbstat); |
1276 | 1272 |
closedir(dd); |
1277 | 1273 |
return CL_EMEM; |
1278 | 1274 |
} |
1279 | 1275 |
|
1280 | 1276 |
#if defined(C_INTERIX) || defined(C_OS2) |
1281 |
- dbstat->statdname = (char **) cli_realloc(dbstat->statdname, dbstat->entries * sizeof(char *)); |
|
1277 |
+ dbstat->statdname = (char **) cli_realloc2(dbstat->statdname, dbstat->entries * sizeof(char *)); |
|
1282 | 1278 |
if(!dbstat->statdname) { |
1283 | 1279 |
cl_statfree(dbstat); |
1284 | 1280 |
closedir(dd); |
... | ... |
@@ -314,7 +314,7 @@ static int stack_push(struct node_stack* stack,struct tree_node* node) |
314 | 314 |
|
315 | 315 |
if(stack->cnt == stack->capacity) { |
316 | 316 |
stack->capacity += NODE_STACK_GROW; |
317 |
- stack->data = cli_realloc(stack->data,stack->capacity*sizeof(*stack->data)); |
|
317 |
+ stack->data = cli_realloc2(stack->data,stack->capacity*sizeof(*stack->data)); |
|
318 | 318 |
if(!stack->data) |
319 | 319 |
return CL_EMEM; |
320 | 320 |
} |
... | ... |
@@ -557,7 +557,7 @@ int load_regex_matcher(struct regex_matcher* matcher,FILE* fd,unsigned int optio |
557 | 557 |
struct cli_matcher* old_hosts = matcher->root_hosts; |
558 | 558 |
matcher->root_hosts_cnt++; |
559 | 559 |
|
560 |
- matcher->root_hosts = cli_realloc(matcher->root_hosts, matcher->root_hosts_cnt * sizeof(*matcher->root_hosts)); |
|
560 |
+ matcher->root_hosts = cli_realloc2(matcher->root_hosts, matcher->root_hosts_cnt * sizeof(*matcher->root_hosts)); |
|
561 | 561 |
if(!matcher->root_hosts) { |
562 | 562 |
matcher->root_hosts = old_hosts;/* according to manpage this must still be valid*/ |
563 | 563 |
return CL_EMEM; |
... | ... |
@@ -855,7 +855,7 @@ static const unsigned char* find_regex_start(const unsigned char* pat) |
855 | 855 |
altpositions[altpositions_cnt++] = last; |
856 | 856 |
if(altpositions_cnt == altpositions_capacity) { |
857 | 857 |
altpositions_capacity += ALT_STACK_GROW; |
858 |
- altpositions = cli_realloc(altpositions,altpositions_capacity*sizeof(*altpositions)); |
|
858 |
+ altpositions = cli_realloc2(altpositions,altpositions_capacity*sizeof(*altpositions)); |
|
859 | 859 |
if(!altpositions) |
860 | 860 |
return NULL; |
861 | 861 |
} |
... | ... |
@@ -951,7 +951,7 @@ static struct tree_node* tree_node_char_insert(struct tree_node* node,const char |
951 | 951 |
struct tree_node* new, *alt = tree_get_next(node); |
952 | 952 |
struct tree_node **children; |
953 | 953 |
node->alternatives++; |
954 |
- node->u.children = cli_realloc(node->u.children,tree_node_get_array_size(node)); |
|
954 |
+ node->u.children = cli_realloc2(node->u.children,tree_node_get_array_size(node)); |
|
955 | 955 |
if(!node->u.children) |
956 | 956 |
return NULL; |
957 | 957 |
|
... | ... |
@@ -1008,7 +1008,7 @@ static void tree_node_insert_nonbin(struct tree_node* node, struct tree_node* ne |
1008 | 1008 |
new->listend=1; |
1009 | 1009 |
return; |
1010 | 1010 |
} |
1011 |
- node->u.children = cli_realloc(node->u.children,sizeof(node->u.children[0])*(2)); |
|
1011 |
+ node->u.children = cli_realloc2(node->u.children,sizeof(node->u.children[0])*(2)); |
|
1012 | 1012 |
if(node->u.children) { |
1013 | 1013 |
node->u.children[idx] = new; |
1014 | 1014 |
} |
... | ... |
@@ -161,7 +161,7 @@ static int push_state(struct stack* stack,struct rtf_state* state) |
161 | 161 |
if(stack->stack_cnt >= stack->stack_size) { |
162 | 162 |
/* grow stack */ |
163 | 163 |
stack->stack_size += 128; |
164 |
- stack->states = cli_realloc(stack->states, stack->stack_size*sizeof(*stack->states)); |
|
164 |
+ stack->states = cli_realloc2(stack->states, stack->stack_size*sizeof(*stack->states)); |
|
165 | 165 |
if(!stack->states) |
166 | 166 |
return CL_EMEM; |
167 | 167 |
} |
... | ... |
@@ -873,10 +873,10 @@ static int add_vm_code(unpack_data_t *unpack_data, unsigned int first_byte, |
873 | 873 |
return FALSE; |
874 | 874 |
} |
875 | 875 |
unpack_data->old_filter_lengths_size++; |
876 |
- unpack_data->old_filter_lengths = (int *) cli_realloc(unpack_data->old_filter_lengths, |
|
876 |
+ unpack_data->old_filter_lengths = (int *) cli_realloc2(unpack_data->old_filter_lengths, |
|
877 | 877 |
sizeof(int) * unpack_data->old_filter_lengths_size); |
878 | 878 |
if(!unpack_data->old_filter_lengths) { |
879 |
- cli_dbgmsg("unrar: add_vm_code: cli_realloc failed for unpack_data->old_filter_lengths\n"); |
|
879 |
+ cli_dbgmsg("unrar: add_vm_code: cli_realloc2 failed for unpack_data->old_filter_lengths\n"); |
|
880 | 880 |
return FALSE; |
881 | 881 |
} |
882 | 882 |
unpack_data->old_filter_lengths[unpack_data->old_filter_lengths_size-1] = 0; |
... | ... |
@@ -1006,10 +1006,10 @@ static int add_vm_code(unpack_data_t *unpack_data, unsigned int first_byte, |
1006 | 1006 |
cur_size = stack_filter->prg.global_size; |
1007 | 1007 |
if (cur_size < data_size+VM_FIXEDGLOBALSIZE) { |
1008 | 1008 |
stack_filter->prg.global_size += data_size+VM_FIXEDGLOBALSIZE-cur_size; |
1009 |
- stack_filter->prg.global_data = cli_realloc(stack_filter->prg.global_data, |
|
1009 |
+ stack_filter->prg.global_data = cli_realloc2(stack_filter->prg.global_data, |
|
1010 | 1010 |
stack_filter->prg.global_size); |
1011 | 1011 |
if(!stack_filter->prg.global_data) { |
1012 |
- cli_dbgmsg("unrar: add_vm_code: cli_realloc failed for stack_filter->prg.global_data\n"); |
|
1012 |
+ cli_dbgmsg("unrar: add_vm_code: cli_realloc2 failed for stack_filter->prg.global_data\n"); |
|
1013 | 1013 |
return FALSE; |
1014 | 1014 |
} |
1015 | 1015 |
} |
... | ... |
@@ -49,7 +49,7 @@ void rar_cmd_array_reset(rar_cmd_array_t *cmd_a) |
49 | 49 |
int rar_cmd_array_add(rar_cmd_array_t *cmd_a, int num) |
50 | 50 |
{ |
51 | 51 |
cmd_a->num_items += num; |
52 |
- cmd_a->array = (struct rarvm_prepared_command *) cli_realloc(cmd_a->array, |
|
52 |
+ cmd_a->array = (struct rarvm_prepared_command *) cli_realloc2(cmd_a->array, |
|
53 | 53 |
cmd_a->num_items * sizeof(struct rarvm_prepared_command)); |
54 | 54 |
if (cmd_a->array == NULL) { |
55 | 55 |
return FALSE; |
... | ... |
@@ -59,7 +59,7 @@ void rar_filter_array_reset(rar_filter_array_t *filter_a) |
59 | 59 |
int rar_filter_array_add(rar_filter_array_t *filter_a, int num) |
60 | 60 |
{ |
61 | 61 |
filter_a->num_items += num; |
62 |
- filter_a->array = (struct UnpackFilter **) cli_realloc(filter_a->array, |
|
62 |
+ filter_a->array = (struct UnpackFilter **) cli_realloc2(filter_a->array, |
|
63 | 63 |
filter_a->num_items * sizeof(struct UnpackFilter **)); |
64 | 64 |
if (filter_a->array == NULL) { |
65 | 65 |
filter_a->num_items=0; |
... | ... |
@@ -922,9 +922,9 @@ int rarvm_execute(rarvm_data_t *rarvm_data, struct rarvm_prepared_program *prg) |
922 | 922 |
(unsigned int *)&rarvm_data->mem[VM_GLOBALMEMADDR+0x30]),VM_GLOBALMEMSIZE); |
923 | 923 |
if (data_size != 0) { |
924 | 924 |
prg->global_size += data_size+VM_FIXEDGLOBALSIZE; |
925 |
- prg->global_data = cli_realloc(prg->global_data, prg->global_size); |
|
925 |
+ prg->global_data = cli_realloc2(prg->global_data, prg->global_size); |
|
926 | 926 |
if(!prg->global_data) { |
927 |
- cli_dbgmsg("unrar: rarvm_execute: cli_realloc failed for prg->global_data\n"); |
|
927 |
+ cli_dbgmsg("unrar: rarvm_execute: cli_realloc2 failed for prg->global_data\n"); |
|
928 | 928 |
return FALSE; |
929 | 929 |
} |
930 | 930 |
memcpy(prg->global_data, &rarvm_data->mem[VM_GLOBALMEMADDR], |
... | ... |
@@ -1079,9 +1079,9 @@ int rarvm_prepare(rarvm_data_t *rarvm_data, rarvm_input_t *rarvm_input, unsigned |
1079 | 1079 |
} |
1080 | 1080 |
for (i=0 ; rarvm_input->in_addr < code_size && i < data_size ; i++) { |
1081 | 1081 |
prg->static_size++; |
1082 |
- prg->static_data = cli_realloc(prg->static_data, prg->static_size); |
|
1082 |
+ prg->static_data = cli_realloc2(prg->static_data, prg->static_size); |
|
1083 | 1083 |
if(!prg->static_data) { |
1084 |
- cli_dbgmsg("unrar: rarvm_prepare: cli_realloc failed for prg->static_data\n"); |
|
1084 |
+ cli_dbgmsg("unrar: rarvm_prepare: cli_realloc2 failed for prg->static_data\n"); |
|
1085 | 1085 |
return FALSE; |
1086 | 1086 |
} |
1087 | 1087 |
prg->static_data[i] = rarvm_getbits(rarvm_input) >> 8; |
... | ... |
@@ -1358,7 +1358,7 @@ static macro_extnames_t *wm_read_macro_extnames(int fd) |
1358 | 1358 |
while (lseek(fd, 0, SEEK_CUR) < offset_end) { |
1359 | 1359 |
macro_extnames->count++; |
1360 | 1360 |
macro_extnames->macro_extname = (macro_extname_t *) |
1361 |
- cli_realloc(macro_extnames->macro_extname, |
|
1361 |
+ cli_realloc2(macro_extnames->macro_extname, |
|
1362 | 1362 |
sizeof(macro_extname_t) * macro_extnames->count); |
1363 | 1363 |
if (macro_extnames->macro_extname == NULL) { |
1364 | 1364 |
cli_dbgmsg("read macro_extnames failed\n"); |