git-svn: trunk@2868
aCaB authored on 2007/02/26 02:57:08... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Sun Feb 25 17:00:31 CET 2007 (acab) |
|
2 |
+----------------------------------- |
|
3 |
+ * libclamav/pe.c: fix leaks on upack return (bb#351) |
|
4 |
+ |
|
1 | 5 |
Sun Feb 25 14:40:10 CET 2007 (tk) |
2 | 6 |
--------------------------------- |
3 | 7 |
* libclamav/unzip.c: fix memory leak when extracting stored files |
... | ... |
@@ -1332,6 +1332,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1332 | 1332 |
{ |
1333 | 1333 |
cli_dbgmsg("Upack: Sizes exceeded (a: %u, b: %u, c: %ux, max: %lu)\n", a, b, c, ctx->limits->maxfilesize); |
1334 | 1334 |
free(section_hdr); |
1335 |
+ free(exe_sections); |
|
1335 | 1336 |
if(BLOCKMAX) { |
1336 | 1337 |
*ctx->virname = "PE.Upack.ExceededFileSize"; |
1337 | 1338 |
return CL_VIRUS; |
... | ... |
@@ -1348,6 +1349,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1348 | 1348 |
|
1349 | 1349 |
if((dest = (char *) cli_calloc(dsize, sizeof(char))) == NULL) { |
1350 | 1350 |
free(section_hdr); |
1351 |
+ free(exe_sections); |
|
1351 | 1352 |
return CL_EMEM; |
1352 | 1353 |
} |
1353 | 1354 |
src = NULL; |
... | ... |
@@ -1359,6 +1361,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1359 | 1359 |
*/ |
1360 | 1360 |
cli_dbgmsg("Upack: Can't read raw data of section 0\n"); |
1361 | 1361 |
free(section_hdr); |
1362 |
+ free(exe_sections); |
|
1362 | 1363 |
free(dest); |
1363 | 1364 |
return CL_EIO; |
1364 | 1365 |
} |
... | ... |
@@ -1371,17 +1374,23 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1371 | 1371 |
if(read(desc, dest+EC32(section_hdr[1].VirtualAddress) - off, EC32(section_hdr[1].SizeOfRawData)) != EC32(section_hdr[1].SizeOfRawData)) { |
1372 | 1372 |
cli_dbgmsg("Upack: Can't read raw data of section 1\n"); |
1373 | 1373 |
free(section_hdr); |
1374 |
+ free(exe_sections); |
|
1374 | 1375 |
free(dest); |
1375 | 1376 |
return CL_EIO; |
1376 | 1377 |
} |
1377 | 1378 |
|
1378 |
- if(!(tempfile = cli_gentemp(NULL))) |
|
1379 |
+ if(!(tempfile = cli_gentemp(NULL))) { |
|
1380 |
+ free(section_hdr); |
|
1381 |
+ free(exe_sections); |
|
1382 |
+ free(dest); |
|
1379 | 1383 |
return CL_EMEM; |
1384 |
+ } |
|
1380 | 1385 |
|
1381 | 1386 |
if((file = open(tempfile, O_RDWR|O_CREAT|O_TRUNC, S_IRWXU)) < 0) { |
1382 | 1387 |
cli_dbgmsg("Upack: Can't create file %s\n", tempfile); |
1383 | 1388 |
free(tempfile); |
1384 | 1389 |
free(section_hdr); |
1390 |
+ free(exe_sections); |
|
1385 | 1391 |
free(dest); |
1386 | 1392 |
return CL_EIO; |
1387 | 1393 |
} |
... | ... |
@@ -1397,6 +1406,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1397 | 1397 |
cli_dbgmsg("***** Scanning rebuilt PE file *****\n"); |
1398 | 1398 |
if(cli_magic_scandesc(file, ctx) == CL_VIRUS) { |
1399 | 1399 |
free(section_hdr); |
1400 |
+ free(exe_sections); |
|
1400 | 1401 |
close(file); |
1401 | 1402 |
if(!cli_leavetemps_flag) |
1402 | 1403 |
unlink(tempfile); |
... | ... |
@@ -1409,6 +1419,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1409 | 1409 |
unlink(tempfile); |
1410 | 1410 |
free(tempfile); |
1411 | 1411 |
free(section_hdr); |
1412 |
+ free(exe_sections); |
|
1412 | 1413 |
return CL_CLEAN; |
1413 | 1414 |
|
1414 | 1415 |
default: /* Everything gone wrong */ |