From 1f364106ce30f99d7b14df9bc7ab66fdd7fdb9ec Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 6 Oct 2019 01:18:04 +0200 Subject: [PATCH] fix few mem leaks --- client/cmdcrc.c | 2 ++ client/cmdhficlass.c | 2 ++ client/cmdhfmf.c | 5 ++++- client/cmdlfnoralsy.c | 3 ++- client/cmdlfpyramid.c | 4 +--- client/cmdlft55xx.c | 1 + client/cmdscript.c | 1 + client/comms.c | 3 ++- client/emv/cmdemv.c | 1 + client/fileutils.c | 17 +++++++++++------ client/graph.c | 3 +-- client/mifare/mifarehost.c | 1 + client/proxmark3.c | 2 +- client/scripting.c | 1 + 14 files changed, 31 insertions(+), 15 deletions(-) diff --git a/client/cmdcrc.c b/client/cmdcrc.c index 7f41b90e3..d51e18021 100644 --- a/client/cmdcrc.c +++ b/client/cmdcrc.c @@ -89,6 +89,8 @@ int GetModels(char *Models[], int *count, uint8_t *width) { memcpy(tmp, model.name, size); Models[mode] = tmp; width[mode] = plen(model.spoly); + } else { + free(tmp); } } mfree(&model); diff --git a/client/cmdhficlass.c b/client/cmdhficlass.c index a8526cbde..61710201e 100644 --- a/client/cmdhficlass.c +++ b/client/cmdhficlass.c @@ -757,6 +757,7 @@ static int CmdHFiClassELoad(const char *Cmd) { } default: PrintAndLogEx(ERR, "No dictionary loaded"); + free(dump); return PM3_ESOFT; } @@ -977,6 +978,7 @@ static int CmdHFiClassEncryptBlk(const char *Cmd) { return PM3_EINVARG; memcpy(key, keyptr, sizeof(key)); + free(keyptr); } iClassEncryptBlkData(blk_data, key); diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index a660ae1b3..8c7cfcee7 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -2607,7 +2607,10 @@ static int CmdHF14AMfChk(const char *Cmd) { if (param_getchar(Cmd, 0) == '*') { blockNo = 3; SectorsCnt = NumOfSectors(param_getchar(Cmd + 1, 0)); - if (SectorsCnt == 0) return usage_hf14_chk(); + if (SectorsCnt == 0) { + free(keyBlock); + return usage_hf14_chk(); + } } else { blockNo = param_get8(Cmd, 0); } diff --git a/client/cmdlfnoralsy.c b/client/cmdlfnoralsy.c index 207d6e4f8..ed6ff0e09 100644 --- a/client/cmdlfnoralsy.c +++ b/client/cmdlfnoralsy.c @@ -142,7 +142,6 @@ static int CmdNoralsyClone(const char *Cmd) { uint16_t year = 0; uint32_t id = 0; uint32_t blocks[4] = {T55x7_MODULATION_MANCHESTER | T55x7_BITRATE_RF_32 | T55x7_ST_TERMINATOR | 3 << T55x7_MAXBLOCK_SHIFT, 0, 0}; - uint8_t *bits = calloc(96, sizeof(uint8_t)); char cmdp = tolower(param_getchar(Cmd, 0)); if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_noralsy_clone(); @@ -154,8 +153,10 @@ static int CmdNoralsyClone(const char *Cmd) { if (tolower(param_getchar(Cmd, 2) == 'q')) blocks[0] = T5555_MODULATION_MANCHESTER | T5555_SET_BITRATE(32) | T5555_ST_TERMINATOR | 3 << T5555_MAXBLOCK_SHIFT; + uint8_t *bits = calloc(96, sizeof(uint8_t)); if (getnoralsyBits(id, year, bits) != PM3_SUCCESS) { PrintAndLogEx(ERR, "Error with tag bitstream generation."); + free(bits); return PM3_ESOFT; } diff --git a/client/cmdlfpyramid.c b/client/cmdlfpyramid.c index 0f21c7c33..d8c9511a6 100644 --- a/client/cmdlfpyramid.c +++ b/client/cmdlfpyramid.c @@ -217,16 +217,14 @@ static int CmdPyramidClone(const char *Cmd) { char cmdp = tolower(param_getchar(Cmd, 0)); if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_pyramid_clone(); - uint32_t facilitycode = 0, cardnumber = 0, fc = 0, cn = 0; + if (sscanf(Cmd, "%u %u", &fc, &cn) != 2) return usage_lf_pyramid_clone(); uint32_t blocks[5]; uint8_t *bs = calloc(128, sizeof(uint8_t)); if (bs == NULL) { return PM3_EMALLOC; } - if (sscanf(Cmd, "%u %u", &fc, &cn) != 2) return usage_lf_pyramid_clone(); - facilitycode = (fc & 0x000000FF); cardnumber = (cn & 0x0000FFFF); diff --git a/client/cmdlft55xx.c b/client/cmdlft55xx.c index eaa181aad..f00328fcd 100644 --- a/client/cmdlft55xx.c +++ b/client/cmdlft55xx.c @@ -2446,6 +2446,7 @@ static int CmdResetRead(const char *Cmd) { if (!GetFromDevice(BIG_BUF, got, sizeof(got), 0, NULL, 0, NULL, 2500, false)) { PrintAndLogEx(WARNING, "command execution time out"); + free(got); return PM3_ETIMEOUT; } setGraphBuf(got, sizeof(got)); diff --git a/client/cmdscript.c b/client/cmdscript.c index 6d7858d54..245ae61dc 100644 --- a/client/cmdscript.c +++ b/client/cmdscript.c @@ -60,6 +60,7 @@ static int CmdScriptRun(const char *Cmd) { int error; if (luascriptfile_idx == MAX_NESTED_LUASCRIPT) { PrintAndLogEx(ERR, "Too many nested scripts, skipping %s\n", script_path); + free(script_path); return PM3_EMALLOC; } PrintAndLogEx(SUCCESS, "Executing Lua script: %s, args '%s'\n", script_path, arguments); diff --git a/client/comms.c b/client/comms.c index bdb6e5ab1..1ccdb4d05 100644 --- a/client/comms.c +++ b/client/comms.c @@ -302,7 +302,8 @@ static void PacketResponseReceived(PacketResponseNG *packet) { break; } case CMD_DEBUG_PRINT_INTEGERS: { - PrintAndLogEx(NORMAL, "#db# %" PRIx64 ", %" PRIx64 ", %" PRIx64 "", packet->oldarg[0], packet->oldarg[1], packet->oldarg[2]); + if (! packet->ng) + PrintAndLogEx(NORMAL, "#db# %" PRIx64 ", %" PRIx64 ", %" PRIx64 "", packet->oldarg[0], packet->oldarg[1], packet->oldarg[2]); break; } // iceman: hw status - down the path on device, runs printusbspeed which starts sending a lot of diff --git a/client/emv/cmdemv.c b/client/emv/cmdemv.c index cead47287..e3c88c3e3 100644 --- a/client/emv/cmdemv.c +++ b/client/emv/cmdemv.c @@ -752,6 +752,7 @@ static void ProcessACResponseFormat1(struct tlvdb *tlvRoot, uint8_t *buf, size_t if (decodeTLV) TLVPrintFromTLV(tlvElm); } + tlvdb_free(tlvElm); } } else { if (decodeTLV) diff --git a/client/fileutils.c b/client/fileutils.c index 79906020e..b8ee376f1 100644 --- a/client/fileutils.c +++ b/client/fileutils.c @@ -410,7 +410,6 @@ int loadFile(const char *preferredName, const char *suffix, void *data, size_t m } size_t bytes_read = fread(dump, 1, fsize, f); - fclose(f); if (bytes_read != fsize) { PrintAndLogEx(FAILED, "error, bytes read mismatch file size"); @@ -432,6 +431,7 @@ int loadFile(const char *preferredName, const char *suffix, void *data, size_t m *datalen = bytes_read; out: + fclose(f); free(fileName); return retval; } @@ -444,8 +444,6 @@ int loadFile_safe(const char *preferredName, const char *suffix, void **pdata, s return PM3_EFILE; } - int retval = PM3_SUCCESS; - FILE *f = fopen(path, "rb"); if (!f) { PrintAndLogEx(WARNING, "file not found or locked. '" _YELLOW_("%s")"'", path); @@ -478,13 +476,14 @@ int loadFile_safe(const char *preferredName, const char *suffix, void **pdata, s if (bytes_read != fsize) { PrintAndLogEx(FAILED, "error, bytes read mismatch file size"); + free(*pdata); return PM3_EFILE; } *datalen = bytes_read; PrintAndLogEx(SUCCESS, "loaded %zu bytes from binary file " _YELLOW_("%s"), bytes_read, preferredName); - return retval; + return PM3_SUCCESS; } int loadFileEML(const char *preferredName, void *data, size_t *datalen) { @@ -782,7 +781,9 @@ int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t key *pdata = realloc(*pdata, mem_size); if (*pdata == NULL) { - return PM3_EFILE; + retval = PM3_EFILE; + fclose(f); + goto out; } else { memset(*pdata + (mem_size - block_size), 0, block_size); } @@ -1058,8 +1059,12 @@ int searchFile(char **foundpath, const char *pm3dir, const char *searchname, con char *filename = filenamemcopy(searchname, suffix); - if (filename == NULL || strlen(filename) == 0) + if (filename == NULL) return PM3_EMALLOC; + if (strlen(filename) == 0) { + free(filename); + return PM3_EFILE; + } int res = searchFinalFile(foundpath, pm3dir, filename, silent); if (res != PM3_SUCCESS) { if ((res == PM3_EFILE) && (!silent)) diff --git a/client/graph.c b/client/graph.c index be1d64920..f9e610414 100644 --- a/client/graph.c +++ b/client/graph.c @@ -210,14 +210,13 @@ uint8_t GetPskCarrier(const char *str, bool printAns) { } uint16_t fc = countFC(bits, size, false); + free(bits); carrier = fc & 0xFF; if (carrier != 2 && carrier != 4 && carrier != 8) return 0; if ((fc >> 8) == 10 && carrier == 8) return 0; // Only print this message if we're not looping something if (printAns) PrintAndLogEx(SUCCESS, "Auto-detected PSK carrier rate: %d", carrier); - - free(bits); return carrier; } diff --git a/client/mifare/mifarehost.c b/client/mifare/mifarehost.c index d61201662..1f7f2e35a 100644 --- a/client/mifare/mifarehost.c +++ b/client/mifare/mifarehost.c @@ -577,6 +577,7 @@ int mfEmlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int blockBtWidt clearCommandBuffer(); SendCommandNG(CMD_HF_MIFARE_EML_MEMSET, (uint8_t *)payload, sizeof(payload) + size); + free(payload); return PM3_SUCCESS; } diff --git a/client/proxmark3.c b/client/proxmark3.c index a2d4ebd72..a6eadb15b 100644 --- a/client/proxmark3.c +++ b/client/proxmark3.c @@ -386,7 +386,7 @@ static int flash_pm3(char *serial_port_name, uint8_t num_files, char *filenames[ int ret = PM3_EUNDEF; flash_file_t files[FLASH_MAX_FILES]; memset(files, 0, sizeof(files)); - char *filepaths[FLASH_MAX_FILES]; + char *filepaths[FLASH_MAX_FILES] = {0}; if (serial_port_name == NULL) { PrintAndLogEx(ERR, "You must specify a port.\n"); diff --git a/client/scripting.c b/client/scripting.c index 8054ff9b4..7157957ca 100644 --- a/client/scripting.c +++ b/client/scripting.c @@ -1074,6 +1074,7 @@ static int l_searchfile(lua_State *L) { } lua_pushstring(L, path); + free(path); return 1; }