1. clamav-devel
  2. Commit d426b12e56ac59ef52631bc462b488452743d3b9
Browse code

fix leaks in upack return

git-svn: trunk@2868

aCaB authored on 2007/02/26 02:57:08
Showing 2 changed files
ChangeLog
History View file @ d426b12
... ... 
@@ -1,3 +1,7 @@
1 
+Sun Feb 25 17:00:31 CET 2007 (acab)
2 
+-----------------------------------
3 
+  * libclamav/pe.c: fix leaks on upack return (bb#351)
4 
+
1 5 
 Sun Feb 25 14:40:10 CET 2007 (tk)
2 6 
 ---------------------------------
3 7 
   * libclamav/unzip.c: fix memory leak when extracting stored files
libclamav/pe.c
History View file @ d426b12
... ... 
@@ -1332,6 +1332,7 @@ int cli_scanpe(int desc, cli_ctx *ctx)
1332 1332 
 		{
1333 1333 
 		    cli_dbgmsg("Upack: Sizes exceeded (a: %u, b: %u, c: %ux, max: %lu)\n", a, b, c, ctx->limits->maxfilesize);
1334 1334 
 		    free(section_hdr);
1335 
+		    free(exe_sections);
1335 1336 
 		    if(BLOCKMAX) {
1336 1337 
 			*ctx->virname = "PE.Upack.ExceededFileSize";
1337 1338 
 			return CL_VIRUS;
... ... 
@@ -1348,6 +1349,7 @@ int cli_scanpe(int desc, cli_ctx *ctx)
1348 1348
1349 1349 
 		if((dest = (char *) cli_calloc(dsize, sizeof(char))) == NULL) {
1350 1350 
 		    free(section_hdr);
1351 
+		    free(exe_sections);
1351 1352 
 		    return CL_EMEM;
1352 1353 
 		}
1353 1354 
 		src = NULL;
... ... 
@@ -1359,6 +1361,7 @@ int cli_scanpe(int desc, cli_ctx *ctx)
1359 1359 
 							*/
1360 1360 
 		    cli_dbgmsg("Upack: Can't read raw data of section 0\n");
1361 1361 
 		    free(section_hdr);
1362 
+		    free(exe_sections);
1362 1363 
 		    free(dest);
1363 1364 
 		    return CL_EIO;
1364 1365 
 		}
... ... 
@@ -1371,17 +1374,23 @@ int cli_scanpe(int desc, cli_ctx *ctx)
1371 1371 
 		if(read(desc, dest+EC32(section_hdr[1].VirtualAddress) - off, EC32(section_hdr[1].SizeOfRawData)) != EC32(section_hdr[1].SizeOfRawData)) {
1372 1372 
 		    cli_dbgmsg("Upack: Can't read raw data of section 1\n");
1373 1373 
 		    free(section_hdr);
1374 
+		    free(exe_sections);
1374 1375 
 		    free(dest);
1375 1376 
 		    return CL_EIO;
1376 1377 
 		}
1377 1378
1378 
-		if(!(tempfile = cli_gentemp(NULL)))
1379 
+		if(!(tempfile = cli_gentemp(NULL))) {
1380 
+		    free(section_hdr);
1381 
+		    free(exe_sections);
1382 
+		    free(dest);
1379 1383 
 		    return CL_EMEM;
1384 
+		}
1380 1385
1381 1386 
 		if((file = open(tempfile, O_RDWR|O_CREAT|O_TRUNC, S_IRWXU)) < 0) {
1382 1387 
 		    cli_dbgmsg("Upack: Can't create file %s\n", tempfile);
1383 1388 
 		    free(tempfile);
1384 1389 
 		    free(section_hdr);
1390 
+		    free(exe_sections);
1385 1391 
 		    free(dest);
1386 1392 
 		    return CL_EIO;
1387 1393 
 		}
... ... 
@@ -1397,6 +1406,7 @@ int cli_scanpe(int desc, cli_ctx *ctx)
1397 1397 
 				cli_dbgmsg("***** Scanning rebuilt PE file *****\n");
1398 1398 
 				if(cli_magic_scandesc(file, ctx) == CL_VIRUS) {
1399 1399 
 					free(section_hdr);
1400 
+					free(exe_sections);
1400 1401 
 					close(file);
1401 1402 
 					if(!cli_leavetemps_flag)
1402 1403 
 						unlink(tempfile);
... ... 
@@ -1409,6 +1419,7 @@ int cli_scanpe(int desc, cli_ctx *ctx)
1409 1409 
 					unlink(tempfile);
1410 1410 
 				free(tempfile);
1411 1411 
 				free(section_hdr);
1412 
+				free(exe_sections);
1412 1413 
 				return CL_CLEAN;
1413 1414
1414 1415 
 			default: /* Everything gone wrong */