git-svn: trunk@2679
Tomasz Kojm authored on 2007/02/08 22:50:23... | ... |
@@ -221,7 +221,11 @@ static struct cl_engine *reload_db(struct cl_engine *engine, unsigned int dbopti |
221 | 221 |
} |
222 | 222 |
|
223 | 223 |
memset(dbstat, 0, sizeof(struct cl_stat)); |
224 |
- cl_statinidir(dbdir, dbstat); |
|
224 |
+ if((retval = cl_statinidir(dbdir, dbstat))) { |
|
225 |
+ logg("!cl_statinidir() failed: %s\n", cl_strerror(retval)); |
|
226 |
+ *ret = 1; |
|
227 |
+ return NULL; |
|
228 |
+ } |
|
225 | 229 |
|
226 | 230 |
if((retval = cl_load(dbdir, &engine, &sigs, dboptions))) { |
227 | 231 |
logg("!reload db failed: %s\n", cl_strerror(retval)); |
... | ... |
@@ -837,12 +837,13 @@ int unmew11(int sectnum, char *src, int off, int ssize, int dsize, uint32_t base |
837 | 837 |
|
838 | 838 |
/* LZMA stuff */ |
839 | 839 |
if (uselzma) { |
840 |
+ free(section); |
|
841 |
+ |
|
840 | 842 |
/* put everything in one section */ |
841 | 843 |
i = 1; |
842 | 844 |
if (!CLI_ISCONTAINED(src, size_sum, src+uselzma+8, 1)) |
843 | 845 |
{ |
844 | 846 |
cli_dbgmsg("MEW: couldn't access lzma 'special' tag\n"); |
845 |
- free(section); |
|
846 | 847 |
return -1; |
847 | 848 |
} |
848 | 849 |
/* 0x50 -> push eax */ |
... | ... |
@@ -850,18 +851,21 @@ int unmew11(int sectnum, char *src, int off, int ssize, int dsize, uint32_t base |
850 | 850 |
if (!CLI_ISCONTAINED(src, size_sum, f1+4, 20 + 4 + 5)) |
851 | 851 |
{ |
852 | 852 |
cli_dbgmsg("MEW: lzma initialization data not available!\n"); |
853 |
- free(section); |
|
854 | 853 |
return -1; |
855 | 854 |
} |
856 | 855 |
|
857 | 856 |
if(mew_lzma(src, f1+4, size_sum, vma, *(src + uselzma+8) == '\x50')) |
858 | 857 |
{ |
859 |
- free(section); |
|
860 | 858 |
return -1; |
861 | 859 |
} |
862 | 860 |
loc_ds=PESALIGN(loc_ds, 0x1000); |
863 | 861 |
|
864 | 862 |
section = cli_calloc(1, sizeof(struct cli_exe_section)); |
863 |
+ if(!section) { |
|
864 |
+ cli_dbgmsg("MEW: Out of memory\n"); |
|
865 |
+ return -1; |
|
866 |
+ } |
|
867 |
+ |
|
865 | 868 |
section[0].raw = 0; section[0].rva = vadd; |
866 | 869 |
section[0].rsz = section[0].vsz = dsize; |
867 | 870 |
} |
... | ... |
@@ -1399,6 +1399,7 @@ int cl_statinidir(const char *dirname, struct cl_stat *dbstat) |
1399 | 1399 |
|
1400 | 1400 |
if((dd = opendir(dirname)) == NULL) { |
1401 | 1401 |
cli_errmsg("cl_statdbdir(): Can't open directory %s\n", dirname); |
1402 |
+ cl_statfree(dbstat); |
|
1402 | 1403 |
return CL_EOPEN; |
1403 | 1404 |
} |
1404 | 1405 |
|
... | ... |
@@ -1436,12 +1437,33 @@ int cl_statinidir(const char *dirname, struct cl_stat *dbstat) |
1436 | 1436 |
cli_strbcasestr(dent->d_name, ".cvd"))) { |
1437 | 1437 |
|
1438 | 1438 |
dbstat->entries++; |
1439 |
- dbstat->stattab = (struct stat *) realloc(dbstat->stattab, dbstat->entries * sizeof(struct stat)); |
|
1439 |
+ dbstat->stattab = (struct stat *) cli_realloc(dbstat->stattab, dbstat->entries * sizeof(struct stat)); |
|
1440 |
+ if(!dbstat->stattab) { |
|
1441 |
+ /* FIXME: Minor error path memleak here. Change the |
|
1442 |
+ * behaviour of cli_realloc() to free old block on error |
|
1443 |
+ * (and review all calls to cli_realloc()). |
|
1444 |
+ */ |
|
1445 |
+ cl_statfree(dbstat); |
|
1446 |
+ closedir(dd); |
|
1447 |
+ return CL_EMEM; |
|
1448 |
+ } |
|
1449 |
+ |
|
1440 | 1450 |
#if defined(C_INTERIX) || defined(C_OS2) |
1441 |
- dbstat->statdname = (char **) realloc(dbstat->statdname, dbstat->entries * sizeof(char *)); |
|
1451 |
+ dbstat->statdname = (char **) cli_realloc(dbstat->statdname, dbstat->entries * sizeof(char *)); |
|
1452 |
+ if(!dbstat->statdname) { |
|
1453 |
+ cl_statfree(dbstat); |
|
1454 |
+ closedir(dd); |
|
1455 |
+ return CL_EMEM; |
|
1456 |
+ } |
|
1442 | 1457 |
#endif |
1443 | 1458 |
|
1444 | 1459 |
fname = cli_calloc(strlen(dirname) + strlen(dent->d_name) + 32, sizeof(char)); |
1460 |
+ if(!fname) { |
|
1461 |
+ cl_statfree(dbstat); |
|
1462 |
+ closedir(dd); |
|
1463 |
+ return CL_EMEM; |
|
1464 |
+ } |
|
1465 |
+ |
|
1445 | 1466 |
if(cli_strbcasestr(dent->d_name, ".inc")) { |
1446 | 1467 |
if(strstr(dent->d_name, "main")) |
1447 | 1468 |
sprintf(fname, "%s/main.inc/main.info", dirname); |
... | ... |
@@ -1452,6 +1474,12 @@ int cl_statinidir(const char *dirname, struct cl_stat *dbstat) |
1452 | 1452 |
} |
1453 | 1453 |
#if defined(C_INTERIX) || defined(C_OS2) |
1454 | 1454 |
dbstat->statdname[dbstat->entries - 1] = (char *) cli_calloc(strlen(dent->d_name) + 1, sizeof(char)); |
1455 |
+ if(!dbstat->statdname[dbstat->entries - 1]) { |
|
1456 |
+ cl_statfree(dbstat); |
|
1457 |
+ closedir(dd); |
|
1458 |
+ return CL_EMEM; |
|
1459 |
+ } |
|
1460 |
+ |
|
1455 | 1461 |
strcpy(dbstat->statdname[dbstat->entries - 1], dent->d_name); |
1456 | 1462 |
#endif |
1457 | 1463 |
stat(fname, &dbstat->stattab[dbstat->entries - 1]); |
... | ... |
@@ -1523,6 +1551,11 @@ int cl_statchkdir(const struct cl_stat *dbstat) |
1523 | 1523 |
cli_strbcasestr(dent->d_name, ".cvd"))) { |
1524 | 1524 |
|
1525 | 1525 |
fname = cli_calloc(strlen(dbstat->dir) + strlen(dent->d_name) + 32, sizeof(char)); |
1526 |
+ if(!fname) { |
|
1527 |
+ closedir(dd); |
|
1528 |
+ return CL_EMEM; |
|
1529 |
+ } |
|
1530 |
+ |
|
1526 | 1531 |
if(cli_strbcasestr(dent->d_name, ".inc")) { |
1527 | 1532 |
if(strstr(dent->d_name, "main")) |
1528 | 1533 |
sprintf(fname, "%s/main.inc/main.info", dbstat->dir); |
... | ... |
@@ -1568,17 +1601,23 @@ int cl_statfree(struct cl_stat *dbstat) |
1568 | 1568 |
#if defined(C_INTERIX) || defined(C_OS2) |
1569 | 1569 |
int i; |
1570 | 1570 |
|
1571 |
- for(i = 0;i < dbstat->entries; i++) { |
|
1572 |
- free(dbstat->statdname[i]); |
|
1573 |
- dbstat->statdname[i] = NULL; |
|
1571 |
+ if(dbstat->statdname) { |
|
1572 |
+ for(i = 0; i < dbstat->entries; i++) { |
|
1573 |
+ if(dbstat->statdname[i]) |
|
1574 |
+ free(dbstat->statdname[i]); |
|
1575 |
+ dbstat->statdname[i] = NULL; |
|
1576 |
+ } |
|
1577 |
+ free(dbstat->statdname); |
|
1578 |
+ dbstat->statdname = NULL; |
|
1574 | 1579 |
} |
1575 |
- free(dbstat->statdname); |
|
1576 |
- dbstat->statdname = NULL; |
|
1577 | 1580 |
#endif |
1578 | 1581 |
|
1579 |
- free(dbstat->stattab); |
|
1580 |
- dbstat->stattab = NULL; |
|
1582 |
+ if(dbstat->stattab) { |
|
1583 |
+ free(dbstat->stattab); |
|
1584 |
+ dbstat->stattab = NULL; |
|
1585 |
+ } |
|
1581 | 1586 |
dbstat->entries = 0; |
1587 |
+ |
|
1582 | 1588 |
if(dbstat->dir) { |
1583 | 1589 |
free(dbstat->dir); |
1584 | 1590 |
dbstat->dir = NULL; |
... | ... |
@@ -352,7 +352,7 @@ static int cli_scanzip(int desc, cli_ctx *ctx, off_t sfx_offset, uint32_t *sfx_c |
352 | 352 |
fstat(desc, &source); |
353 | 353 |
|
354 | 354 |
if(!(buff = (char *) cli_malloc(FILEBUFF))) { |
355 |
- cli_dbgmsg("Zip: unable to malloc(%d)\n", FILEBUFF); |
|
355 |
+ cli_dbgmsg("Zip: unable to malloc(%u)\n", FILEBUFF); |
|
356 | 356 |
zip_dir_close(zdir); |
357 | 357 |
return CL_EMEM; |
358 | 358 |
} |
... | ... |
@@ -740,8 +740,8 @@ static int cli_scanbzip(int desc, cli_ctx *ctx) |
740 | 740 |
} |
741 | 741 |
fd = fileno(tmp); |
742 | 742 |
|
743 |
- if(!(buff = (char *) malloc(FILEBUFF))) { |
|
744 |
- cli_dbgmsg("Bzip: Unable to malloc %d bytes.\n", FILEBUFF); |
|
743 |
+ if(!(buff = (char *) cli_malloc(FILEBUFF))) { |
|
744 |
+ cli_dbgmsg("Bzip: Unable to malloc %u bytes.\n", FILEBUFF); |
|
745 | 745 |
fclose(tmp); |
746 | 746 |
if(!cli_leavetemps_flag) |
747 | 747 |
unlink(tmpname); |
... | ... |
@@ -961,6 +961,11 @@ int cli_scandir(const char *dirname, cli_ctx *ctx) |
961 | 961 |
if(strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..")) { |
962 | 962 |
/* build the full name */ |
963 | 963 |
fname = cli_calloc(strlen(dirname) + strlen(dent->d_name) + 2, sizeof(char)); |
964 |
+ if(!fname) { |
|
965 |
+ closedir(dd); |
|
966 |
+ return CL_EMEM; |
|
967 |
+ } |
|
968 |
+ |
|
964 | 969 |
sprintf(fname, "%s/%s", dirname, dent->d_name); |
965 | 970 |
|
966 | 971 |
/* stat the file */ |
... | ... |
@@ -1015,6 +1020,10 @@ static int cli_vba_scandir(const char *dirname, cli_ctx *ctx) |
1015 | 1015 |
|
1016 | 1016 |
for(i = 0; i < vba_project->count; i++) { |
1017 | 1017 |
fullname = (char *) cli_malloc(strlen(vba_project->dir) + strlen(vba_project->name[i]) + 2); |
1018 |
+ if(!fullname) { |
|
1019 |
+ ret = CL_EMEM; |
|
1020 |
+ break; |
|
1021 |
+ } |
|
1018 | 1022 |
sprintf(fullname, "%s/%s", vba_project->dir, vba_project->name[i]); |
1019 | 1023 |
fd = open(fullname, O_RDONLY|O_BINARY); |
1020 | 1024 |
if(fd == -1) { |
... | ... |
@@ -1060,6 +1069,10 @@ static int cli_vba_scandir(const char *dirname, cli_ctx *ctx) |
1060 | 1060 |
} else if ((vba_project = (vba_project_t *) wm_dir_read(dirname))) { |
1061 | 1061 |
for (i = 0; i < vba_project->count; i++) { |
1062 | 1062 |
fullname = (char *) cli_malloc(strlen(vba_project->dir) + strlen(vba_project->name[i]) + 2); |
1063 |
+ if(!fullname) { |
|
1064 |
+ ret = CL_EMEM; |
|
1065 |
+ break; |
|
1066 |
+ } |
|
1063 | 1067 |
sprintf(fullname, "%s/%s", vba_project->dir, vba_project->name[i]); |
1064 | 1068 |
fd = open(fullname, O_RDONLY|O_BINARY); |
1065 | 1069 |
if(fd == -1) { |
... | ... |
@@ -1098,12 +1111,15 @@ static int cli_vba_scandir(const char *dirname, cli_ctx *ctx) |
1098 | 1098 |
free(vba_project->dir); |
1099 | 1099 |
free(vba_project); |
1100 | 1100 |
} |
1101 |
- |
|
1101 |
+ |
|
1102 | 1102 |
if(ret != CL_CLEAN) |
1103 | 1103 |
return ret; |
1104 | 1104 |
|
1105 | 1105 |
/* Check directory for embedded OLE objects */ |
1106 | 1106 |
fullname = (char *) cli_malloc(strlen(dirname) + 16); |
1107 |
+ if(!fullname) |
|
1108 |
+ return CL_EMEM; |
|
1109 |
+ |
|
1107 | 1110 |
sprintf(fullname, "%s/_1_Ole10Native", dirname); |
1108 | 1111 |
fd = open(fullname, O_RDONLY|O_BINARY); |
1109 | 1112 |
free(fullname); |
... | ... |
@@ -1133,6 +1149,10 @@ static int cli_vba_scandir(const char *dirname, cli_ctx *ctx) |
1133 | 1133 |
if(strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..")) { |
1134 | 1134 |
/* build the full name */ |
1135 | 1135 |
fname = cli_calloc(strlen(dirname) + strlen(dent->d_name) + 2, sizeof(char)); |
1136 |
+ if(!fname) { |
|
1137 |
+ ret = CL_EMEM; |
|
1138 |
+ break; |
|
1139 |
+ } |
|
1136 | 1140 |
sprintf(fname, "%s/%s", dirname, dent->d_name); |
1137 | 1141 |
|
1138 | 1142 |
/* stat the file */ |