[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
Tomasz Kojm
tkojm at clamav.net
Sun Apr 4 01:08:30 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit 9b3e1e858027f8413b8d6bb45379e562f689b387
Author: Tomasz Kojm <tkojm at clamav.net>
Date: Tue Oct 27 21:02:00 2009 +0100
clamdscan, libclamav, clamdtop, freshclam, sigtool: fix some error path leaks (bb#1730)
diff --git a/ChangeLog b/ChangeLog
index 0ce5c28..951e02a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Tue Oct 27 20:31:36 CET 2009 (tk)
+---------------------------------
+ * clamdscan, libclamav, clamdtop, freshclam, sigtool: fix some error path
+ leaks (bb#1730)
+
Tue Oct 27 11:59:32 CET 2009 (tk)
---------------------------------
* libclamav/scanners.c: drop hardcoded offset limits for embedded objs (bb#1664)
diff --git a/clamdscan/proto.c b/clamdscan/proto.c
index 8a199e9..dd18a37 100644
--- a/clamdscan/proto.c
+++ b/clamdscan/proto.c
@@ -172,7 +172,10 @@ static int send_stream(int sockd, const char *filename) {
}
} else fd = 0;
- if(sendln(sockd, "zINSTREAM", 10)) return -1;
+ if(sendln(sockd, "zINSTREAM", 10)) {
+ close(fd);
+ return -1;
+ }
while((len = read(fd, &buf[1], sizeof(buf) - sizeof(uint32_t))) > 0) {
if((unsigned int)len > todo) len = todo;
diff --git a/clamdtop/clamdtop.c b/clamdtop/clamdtop.c
index ff95cd6..7bc3be8 100644
--- a/clamdtop/clamdtop.c
+++ b/clamdtop/clamdtop.c
@@ -1191,6 +1191,7 @@ static void setup_connections(int argc, char *argv[])
}
}
optfree(opts);
+ free(conn);
#ifndef _WIN32
signal(SIGPIPE, SIG_IGN);
signal(SIGINT, sigint);
diff --git a/freshclam/manager.c b/freshclam/manager.c
index 97b0a85..af9dad6 100644
--- a/freshclam/manager.c
+++ b/freshclam/manager.c
@@ -1394,6 +1394,7 @@ static int buildcld(const char *tmpdir, const char *dbname, const char *newfile,
else
close(fd);
unlink(newfile);
+ closedir(dir);
return -1;
}
diff --git a/libclamav/regex/engine.c b/libclamav/regex/engine.c
index d51d594..201196d 100644
--- a/libclamav/regex/engine.c
+++ b/libclamav/regex/engine.c
@@ -206,6 +206,7 @@ matcher(struct re_guts *g, char *string, size_t nmatch, regmatch_t pmatch[],
m->pmatch = (regmatch_t *)cli_malloc((m->g->nsub + 1) *
sizeof(regmatch_t));
if (m->pmatch == NULL) {
+ free(m->lastpos);
STATETEARDOWN(m);
return(REG_ESPACE);
}
diff --git a/shared/cdiff.c b/shared/cdiff.c
index 01fec78..049bf77 100644
--- a/shared/cdiff.c
+++ b/shared/cdiff.c
@@ -623,8 +623,8 @@ static int cdiff_cmd_move(const char *cmdstr, struct cdiff_ctx *ctx, char *lbuf,
} while((lines < end_line) && fgets(lbuf, lbuflen, src) && lines++);
fclose(dst);
+ dst = NULL;
free(dstdb);
- dstdb = NULL;
free(start_str);
if(strncmp(lbuf, end_str, strlen(end_str))) {
@@ -643,6 +643,12 @@ static int cdiff_cmd_move(const char *cmdstr, struct cdiff_ctx *ctx, char *lbuf,
}
if(fputs(lbuf, tmp) == EOF) {
+ if(dst) {
+ fclose(dst);
+ free(dstdb);
+ free(start_str);
+ free(end_str);
+ }
free(srcdb);
fclose(src);
fclose(tmp);
@@ -656,7 +662,7 @@ static int cdiff_cmd_move(const char *cmdstr, struct cdiff_ctx *ctx, char *lbuf,
fclose(src);
fclose(tmp);
- if(dstdb) {
+ if(dst) {
fclose(dst);
free(start_str);
free(end_str);
diff --git a/sigtool/sigtool.c b/sigtool/sigtool.c
index 0d07a17..32c7e0d 100644
--- a/sigtool/sigtool.c
+++ b/sigtool/sigtool.c
@@ -219,6 +219,7 @@ static int utf16decode(const struct optstruct *opts)
newname = malloc(strlen(fname) + 7);
if(!newname) {
mprintf("!utf16decode: Can't allocate memory\n");
+ close(fd1);
return -1;
}
sprintf(newname, "%s.ascii", fname);
@@ -1057,6 +1058,7 @@ static int listdb(const char *filename, const regex_t *regex)
/* check for CVD file */
if(!fgets(buffer, 12, fh)) {
mprintf("!listdb: fgets failed\n");
+ free(buffer);
fclose(fh);
return -1;
}
@@ -1376,11 +1378,6 @@ static int compare(const char *oldpath, const char *newpath, FILE *diff)
long opos;
- if(!(new = fopen(newpath, "r"))) {
- mprintf("!compare: Can't open file %s for reading\n", newpath);
- return -1;
- }
-
if((omd5 = cli_md5file(oldpath))) {
if(!(nmd5 = cli_md5file(newpath))) {
mprintf("!compare: Can't get MD5 checksum of %s\n", newpath);
@@ -1398,6 +1395,10 @@ static int compare(const char *oldpath, const char *newpath, FILE *diff)
fprintf(diff, "OPEN %s\n", newpath);
+ if(!(new = fopen(newpath, "r"))) {
+ mprintf("!compare: Can't open file %s for reading\n", newpath);
+ return -1;
+ }
old = fopen(oldpath, "r");
while(fgets(nbuff, sizeof(nbuff), new)) {
@@ -1406,6 +1407,7 @@ static int compare(const char *oldpath, const char *newpath, FILE *diff)
mprintf("!compare: New %s file contains lines terminated with CRLF or CR\n", newpath);
if(old)
fclose(old);
+ fclose(new);
return -1;
}
cli_chomp(nbuff);
@@ -1466,10 +1468,12 @@ static int compare(const char *oldpath, const char *newpath, FILE *diff)
mprintf("!compare: COMPATIBILITY_LIMIT: Found too long line in new %s\n", newpath);
if(old)
fclose(old);
+ fclose(new);
return -1;
}
#endif
}
+ fclose(new);
if(old) {
while(fgets(obuff, sizeof(obuff), old)) {
@@ -1572,15 +1576,15 @@ static int verifydiff(const char *diff, const char *cvd, const char *incdir)
}
}
- if((fd = open(diff, O_RDONLY)) == -1) {
- mprintf("!verifydiff: Can't open diff file %s\n", diff);
+ if(!getcwd(cwd, sizeof(cwd))) {
+ mprintf("!verifydiff: getcwd() failed\n");
cli_rmdirs(tempdir);
free(tempdir);
return -1;
}
- if(!getcwd(cwd, sizeof(cwd))) {
- mprintf("!verifydiff: getcwd() failed\n");
+ if((fd = open(diff, O_RDONLY)) == -1) {
+ mprintf("!verifydiff: Can't open diff file %s\n", diff);
cli_rmdirs(tempdir);
free(tempdir);
return -1;
diff --git a/sigtool/vba.c b/sigtool/vba.c
index d3e6219..5527e9c 100644
--- a/sigtool/vba.c
+++ b/sigtool/vba.c
@@ -995,28 +995,36 @@ static int sigtool_scandir (const char *dirname, int hex_output)
dir = cli_gentemp (tmpdir);
if (mkdir (dir, 0700)) {
printf ("Can't create temporary directory %s\n", dir);
+ closedir (dd);
return CL_ETMPDIR;
}
if ((desc = open (fname, O_RDONLY|O_BINARY)) == -1) {
printf ("Can't open file %s\n", fname);
+ closedir (dd);
return 1;
}
ctx.fmap = cli_malloc(sizeof(struct F_MAP *));
if(!ctx.fmap) {
printf("malloc failed\n");
+ closedir (dd);
+ close(desc);
return 1;
}
*ctx.fmap = fmap(desc, 0, 0);
if(*ctx.fmap) {
printf("fmap failed\n");
+ closedir (dd);
+ close(desc);
return 1;
}
if ((ret = cli_ole2_extract (dir, &ctx, &vba))) {
printf ("ERROR %s\n", cl_strerror (ret));
cli_rmdirs (dir);
free (dir);
+ closedir (dd);
+ close(desc);
return ret;
}
--
Debian repository for ClamAV
More information about the Pkg-clamav-commits
mailing list