[Forensics-changes] [yara] 298/368: Fix multiple memory leaks
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:50 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit 6519dc125566b06430cbd763b27bbfdadf92ffd2
Author: plusvic <plusvic at gmail.com>
Date: Fri Jun 3 14:03:30 2016 +0200
Fix multiple memory leaks
---
libyara/arena.c | 24 +++++++-----------------
libyara/atoms.c | 6 ++++++
libyara/compiler.c | 4 ++++
libyara/modules.c | 5 ++++-
libyara/modules/pe.c | 22 ++++++++++++++--------
libyara/object.c | 2 ++
libyara/parser.c | 7 +++++--
libyara/rules.c | 18 ++++++++----------
8 files changed, 50 insertions(+), 38 deletions(-)
diff --git a/libyara/arena.c b/libyara/arena.c
index ecaf2f6..9f292fe 100644
--- a/libyara/arena.c
+++ b/libyara/arena.c
@@ -830,24 +830,15 @@ int yr_arena_duplicate(
// Only coalesced arenas can be duplicated.
assert(arena->flags & ARENA_FLAGS_COALESCED);
- new_arena = (YR_ARENA*) yr_malloc(sizeof(YR_ARENA));
-
- if (new_arena == NULL)
- return ERROR_INSUFICIENT_MEMORY;
-
page = arena->page_list_head;
- new_page = _yr_arena_new_page(page->size);
-
- if (new_page == NULL)
- {
- yr_free(new_arena);
- return ERROR_INSUFICIENT_MEMORY;
- }
- memcpy(new_page->address, page->address, page->size);
+ FAIL_ON_ERROR(yr_arena_create(page->size, arena->flags, &new_arena));
+ new_page = new_arena->current_page;
new_page->used = page->used;
+ memcpy(new_page->address, page->address, page->size);
+
reloc = page->reloc_list_head;
while (reloc != NULL)
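Review bot: The `memcpy` of `page->size` bytes into `new_page->address` now depends on `yr_arena_create` giving its first page at least `page->size` bytes, which this hunk does not show. An `assert(new_page->size >= page->size);` before the copy would make that dependency explicit, assuming the new page records its capacity in `size` as the source page does. Passing `arena->flags` presumably carries ARENA_FLAGS_COALESCED over to the copy, which would explain why the later explicit flag assignment is removed; a one-line comment saying so would help. yr_arena_duplicate's body continues outside the hunk.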
@@ -855,7 +846,10 @@ int yr_arena_duplicate(
new_reloc = (YR_RELOC*) yr_malloc(sizeof(YR_RELOC));
if (new_reloc == NULL)
+ {
+ yr_arena_destroy(new_arena);
return ERROR_INSUFICIENT_MEMORY;
+ }
new_reloc->offset = reloc->offset;
new_reloc->next = NULL;
@@ -884,10 +878,6 @@ int yr_arena_duplicate(
reloc = reloc->next;
}
- new_arena->page_list_head = new_page;
- new_arena->current_page = new_page;
- new_arena->flags |= ARENA_FLAGS_COALESCED;
-
*duplicated = new_arena;
return ERROR_SUCCESS;
diff --git a/libyara/atoms.c b/libyara/atoms.c
index 09ebca6..bbe98cc 100644
--- a/libyara/atoms.c
+++ b/libyara/atoms.c
@@ -1015,7 +1015,10 @@ int yr_atoms_extract_from_re(
atom_tree->root_node = _yr_atoms_tree_node_create(ATOM_TREE_OR);
if (atom_tree->root_node == NULL)
+ {
+ _yr_atoms_tree_destroy(atom_tree);
return ERROR_INSUFICIENT_MEMORY;
+ }
atom_tree->current_leaf = NULL;
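Review bot: `_yr_atoms_tree_destroy(atom_tree)` is called here with `root_node` equal to NULL and before `atom_tree->current_leaf = NULL;` has run, so the destroy routine must tolerate a NULL root and must not read `current_leaf`. Neither property is visible in this hunk, and if the tree comes from a plain allocation, `current_leaf` is indeterminate at this point. Moving the `current_leaf` initialisation above the root-node allocation would remove the dependency. The function starts and ends outside the hunk.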
@@ -1023,7 +1026,10 @@ int yr_atoms_extract_from_re(
re->root_node, atom_tree, atom_tree->root_node);
if (atom_tree->root_node == NULL)
+ {
+ _yr_atoms_tree_destroy(atom_tree);
return ERROR_INSUFICIENT_MEMORY;
+ }
if (atom_tree->current_leaf != NULL)
_yr_atoms_tree_node_append(atom_tree->root_node, atom_tree->current_leaf);
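Review bot: On this second failure path a non-NULL `atom_tree->current_leaf` has not yet been appended to the root, because the append is the statement right after the check. It is therefore freed only if `_yr_atoms_tree_destroy` handles `current_leaf` itself, which the hunk does not show. It is also unclear who owns the root node passed into the call once `root_node` has apparently been replaced by a NULL result. If the destroy routine only walks `root_node`, both nodes leak on this path, so this is worth confirming against its definition.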
diff --git a/libyara/compiler.c b/libyara/compiler.c
index 4b1aa0f..e20e200 100644
--- a/libyara/compiler.c
+++ b/libyara/compiler.c
@@ -540,6 +540,10 @@ int _yr_compiler_compile_rules(
compiler->compiled_rules_arena = arena;
result = yr_arena_coalesce(arena);
}
+ else
+ {
+ yr_arena_destroy(arena);
+ }
return result;
}
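Review bot: In the success branch, `compiler->compiled_rules_arena = arena;` is assigned before the result of `yr_arena_coalesce(arena)` is known, so a failed coalesce returns an error while the compiler keeps a non-coalesced arena. The new `else` branch frees the arena for earlier failures but leaves this case as it was. If other code treats a non-NULL `compiled_rules_arena` as ready to use (not visible here), assign the field only after coalescing succeeds and destroy the arena otherwise. The condition guarding the branch is outside the hunk.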
diff --git a/libyara/modules.c b/libyara/modules.c
index a6b691a..2315677 100644
--- a/libyara/modules.c
+++ b/libyara/modules.c
@@ -140,8 +140,11 @@ int yr_modules_load(
context->user_data);
if (result == CALLBACK_ERROR)
+ {
+ yr_object_destroy(module_structure);
return ERROR_CALLBACK_ERROR;
-
+ }
+
FAIL_ON_ERROR_WITH_CLEANUP(
yr_modules_do_declarations(module_name, module_structure),
yr_object_destroy(module_structure));
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 504c9fa..9cfbbf3 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -941,7 +941,10 @@ IMPORTED_FUNCTION* pe_parse_import_descriptor(
yr_calloc(1, sizeof(IMPORTED_FUNCTION));
if (imported_func == NULL)
+ {
+ yr_free(name);
continue;
+ }
imported_func->name = name;
imported_func->ordinal = ordinal;
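Review bot: The `continue` after `yr_free(name);` skips whatever follows in the loop body. If the thunk pointer is advanced at the bottom of the loop (outside the hunk), an allocation failure re-parses the same entry repeatedly instead of moving on. Breaking out of the loop, or advancing before `continue`, would bound the work done on a large or malformed import table under memory pressure. If pe_parse_import_descriptor has a parallel loop for the other thunk width, it needs the same `yr_free(name);`.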
@@ -1094,22 +1097,21 @@ IMPORTED_DLL* pe_parse_imports(
if (offset >= 0)
{
- IMPORTED_FUNCTION* functions;
+ IMPORTED_DLL* imported_dll;
char* dll_name = (char *) (pe->data + offset);
if (!pe_valid_dll_name(dll_name, pe->data_size - (size_t) offset))
break;
- functions = pe_parse_import_descriptor(
- pe, imports, dll_name);
+ imported_dll = (IMPORTED_DLL*) yr_calloc(1, sizeof(IMPORTED_DLL));
- if (functions != NULL)
+ if (imported_dll != NULL)
{
- IMPORTED_DLL* imported_dll = (IMPORTED_DLL*) yr_calloc(
- 1, sizeof(IMPORTED_DLL));
+ IMPORTED_FUNCTION* functions = pe_parse_import_descriptor(
+ pe, imports, dll_name);
- if (imported_dll != NULL)
+ if (functions != NULL)
{
imported_dll->name = yr_strdup(dll_name);;
imported_dll->functions = functions;
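Review bot: `imported_dll->name = yr_strdup(dll_name);;` stores the result unchecked, so under memory pressure an entry with a NULL `name` is linked into the list. Any later consumer that formats or compares the DLL name would then dereference NULL while processing an untrusted PE file. Check the result and, on failure, release the function list and `imported_dll` instead of linking the entry; the stray second semicolon can go at the same time. The enclosing block continues past the end of this hunk.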
@@ -1123,6 +1125,10 @@ IMPORTED_DLL* pe_parse_imports(
tail = imported_dll;
}
+ else
+ {
+ yr_free(imported_dll);
+ }
}
}
@@ -1701,7 +1707,7 @@ define_function(imphash)
if (final_name == NULL)
break;
-
+
sprintf(final_name, first ? "%s.%s": ",%s.%s", dll_name, func->name);
// Lowercase the whole thing.
diff --git a/libyara/object.c b/libyara/object.c
index ef4dc49..f162cd6 100644
--- a/libyara/object.c
+++ b/libyara/object.c
@@ -45,6 +45,8 @@ int yr_object_create(
int i;
size_t object_size = 0;
+ assert(parent != NULL || object != NULL);
+
switch (type)
{
case OBJECT_TYPE_STRUCTURE:
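Review bot: `assert(parent != NULL || object != NULL);` disappears when the library is built with NDEBUG, so a release build still accepts a call where both are NULL and the created object would have no owner. If that call pattern must be rejected, return an error code before the `switch` rather than relying on the assertion alone. Otherwise add a comment stating that the caller must supply at least one of the two. yr_object_create's body continues outside the hunk.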
diff --git a/libyara/parser.c b/libyara/parser.c
index 04afde8..6db2931 100644
--- a/libyara/parser.c
+++ b/libyara/parser.c
@@ -434,7 +434,7 @@ YR_STRING* yr_parser_reduce_string_declaration(
YR_STRING* prev_string;
RE* re = NULL;
- RE* remainder_re;
+ RE* remainder_re = NULL;
RE_ERROR re_error;
@@ -584,7 +584,7 @@ YR_STRING* yr_parser_reduce_string_declaration(
while (remainder_re != NULL)
{
- // Destroy regexp pointed by 're' before yr_re_split_at_jmp
+ // Destroy regexp pointed by 're' before yr_re_split_at_chaining_point
// overwrites 're' with another value.
yr_re_destroy(re);
@@ -666,6 +666,9 @@ _exit:
if (re != NULL)
yr_re_destroy(re);
+ if (remainder_re != NULL)
+ yr_re_destroy(remainder_re);
+
if (compiler->last_result != ERROR_SUCCESS)
return NULL;
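Review bot: With `remainder_re` now destroyed at `_exit` next to `re`, every `goto _exit` must leave each pointer either NULL or the sole owner of its regexp. The loop shown in the previous hunk calls `yr_re_destroy(re);` without clearing `re`, so an exit taken before `re` is reassigned would destroy it a second time. Whether such a path exists depends on lines outside these hunks. Setting `re = NULL;` right after the destroy in the loop, and `remainder_re = NULL;` wherever ownership is handed over, would make the cleanup safe regardless.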
diff --git a/libyara/rules.c b/libyara/rules.c
index 517a7c0..c6cad2a 100644
--- a/libyara/rules.c
+++ b/libyara/rules.c
@@ -628,21 +628,16 @@ YR_API int yr_rules_load_stream(
YR_STREAM* stream,
YR_RULES** rules)
{
- int result;
-
YARA_RULES_FILE_HEADER* header;
YR_RULES* new_rules = (YR_RULES*) yr_malloc(sizeof(YR_RULES));
if (new_rules == NULL)
return ERROR_INSUFICIENT_MEMORY;
- result = yr_arena_load_stream(stream, &new_rules->arena);
-
- if (result != ERROR_SUCCESS)
- {
- yr_free(new_rules);
- return result;
- }
+ FAIL_ON_ERROR_WITH_CLEANUP(
+ yr_arena_load_stream(stream, &new_rules->arena),
+ // cleanup
+ yr_free(new_rules));
header = (YARA_RULES_FILE_HEADER*)
yr_arena_base_address(new_rules->arena);
@@ -654,7 +649,10 @@ YR_API int yr_rules_load_stream(
new_rules->transition_table = header->transition_table;
new_rules->tidx_mask = 0;
- FAIL_ON_ERROR(yr_mutex_create(&new_rules->mutex));
+ FAIL_ON_ERROR_WITH_CLEANUP(
+ yr_mutex_create(&new_rules->mutex),
+ // cleanup
+ yr_free(new_rules));
*rules = new_rules;
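Review bot: When `yr_mutex_create` fails, the cleanup frees only `new_rules`, but `new_rules->arena` was already populated by `yr_arena_load_stream` earlier in the function, so the arena leaks on this path. The cleanup argument should release it first, e.g. `yr_arena_destroy(new_rules->arena); yr_free(new_rules)`. The first FAIL_ON_ERROR_WITH_CLEANUP in the function is fine as written, presuming a failed load leaves no arena behind.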
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git