From 1facb46ab6e3551910678a00e88b222c7261057d Mon Sep 17 00:00:00 2001
From: pancake
Date: Mon, 19 Dec 2016 21:39:30 +0100
Subject: [PATCH] Fix memleaks in zignatures and update spp
---
 libr/anal/sign.c | 19 ++++++++++++-------
 libr/util/pool.c | 3 +++
 shlr/spp/p/spp.h | 19 +++++++++++--------
 shlr/spp/spp.c | 13 +++++++------
 4 files changed, 33 insertions(+), 21 deletions(-)
diff --git a/libr/anal/sign.c b/libr/anal/sign.c
index b7823956a5..cc8f6d4281 100644
--- a/libr/anal/sign.c
+++ b/libr/anal/sign.c
@@ -54,8 +54,7 @@ static bool signatureExists(RSign *sig, RSignItem *item) {
 R_API bool r_sign_add(RSign *sig, RAnal *anal, int type, const char *name, const char *arg) {
 int len;
 char *data = NULL, *ptr;
- RSignItem *si; // TODO: like in r_search.. we need r_sign_item_new ()
- // TODO: but..we need to use a pool here..
+ RSignItem *si = NULL;
 if (!name || !arg || !anal) {
 return false;
 }
@@ -76,6 +75,7 @@ R_API bool r_sign_add(RSign *sig, RAnal *anal, int type, const char *name, const
 if (!signatureExists (sig, si)) {
 if (!r_list_append (sig->items, si)) {
 r_sign_item_free (si);
+ si = NULL;
 } else {
 sig->s_func++;
 }
@@ -86,6 +86,7 @@ R_API bool r_sign_add(RSign *sig, RAnal *anal, int type, const char *name, const
 case R_SIGN_BODY: // function body
 if (!(data = r_anal_strmask (anal, arg))) {
 r_sign_item_free (si);
+ si = NULL;
 break;
 }
 len = strlen (data) + 4; // \xf0
@@ -94,6 +95,7 @@ R_API bool r_sign_add(RSign *sig, RAnal *anal, int type, const char *name, const
 if (!si->bytes || !si->mask) {
 eprintf ("Cannot malloc\n");
 r_sign_item_free (si);
+ si = NULL;
 break;
 }
 si->size = r_hex_str2binmask (data, si->bytes, si->mask);
@@ -110,6 +112,7 @@ R_API bool r_sign_add(RSign *sig, RAnal *anal, int type, const char *name, const
 } else if (type == R_SIGN_BODY) {
 sig->s_func++;
 }
+ si = NULL;
 }
 }
 break;
@@ -120,8 +123,8 @@ R_API bool r_sign_add(RSign *sig, RAnal *anal, int type, const char *name, const
 si = NULL;
 break;
 }
+ free (si);
 free (data);
-
 return false;
 }
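Review bot: The final `free (si);` added in the -120 hunk releases only the RSignItem struct, while the -86 and -94 hunks show the item owning heap members (`si->bytes`, `si->mask`, and presumably `si->name`) that `r_sign_item_free` is responsible for; any path that reaches the bottom with `si` still set leaks those members, and the duplicate case where `signatureExists (sig, si)` is true looks like one, since the -110 hunk only clears `si` inside the append branch. Use the item destructor there instead, `r_sign_item_free (si);` (guarded with `if (si)` unless r_sign_item_free already accepts NULL), which every other error path in these hunks already uses. The allocation of `si` and the duplicate branch of r_sign_add lie outside the hunks, so confirm which paths can reach the end with a populated item.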
@@ -130,15 +133,17 @@ R_API void r_sign_list(RSign *sig, int rad, int json) {
 int i;
 RListIter *iter;
 RSignItem *si;
- if (!r_list_empty (sig->items))
+ if (!r_list_empty (sig->items)) {
 sig->cb_printf ("zp-\n");
+ }
 r_list_foreach (sig->items, iter, si) {
 sig->cb_printf ("z%c %s ", si->type, si->name);
- for (i=0; isize; i++){
- if (!si->mask[i]) // This is a mask
+ for (i = 0; i < si->size; i++){
+ if (!si->mask[i]) { // This is a mask
 sig->cb_printf ("..");
- else
+ } else {
 sig->cb_printf ("%02x", si->bytes[i]);
+ }
 }
 sig->cb_printf ("\n");
 }
diff --git a/libr/util/pool.c b/libr/util/pool.c
index 6f19e8a132..ef00ef11fa 100644
--- a/libr/util/pool.c
+++ b/libr/util/pool.c
@@ -48,6 +48,9 @@ R_API RMemoryPool *r_mem_pool_free(RMemoryPool *pool) {
 }
 R_API void* r_mem_pool_alloc(RMemoryPool *pool) {
+ if (!pool) {
+ return NULL;
+ }
 if (pool->ncount >= pool->poolsize) {
 if (++pool->npool >= pool->poolcount) {
 eprintf ("FAIL: Cannot allocate more memory in the pool\n");
diff --git a/shlr/spp/p/spp.h b/shlr/spp/p/spp.h
index 84e9453622..4e84b7debe 100644
--- a/shlr/spp/p/spp.h
+++ b/shlr/spp/p/spp.h
@@ -104,16 +104,19 @@ TAG_CALLBACK(spp_sub)
 char *eq = strchr(buf, ' ');
 char *var;
 int ret = 0;
- if (!echo[ifl]) return 0;
+ if (!echo[ifl]) {
+ return 0;
+ }
 if (eq) {
 *eq = '\0';
- var = spp_var_get(buf);
- if (var == NULL) ret = 0;
- else ret = atoi(var);
- ret -= atoi(eq+1);
- r_sys_setenv(buf, eq + 1);
- } else { /* syntax error */ }
- return 0;
+ var = spp_var_get (buf);
+ ret = var? atoi (var): 0;
+ ret -= atoi (eq + 1);
+ r_sys_setenv (buf, eq + 1);
+ } else {
+ /* syntax error */
+ }
+ return ret;
 }
 // XXX This method needs some love
diff --git a/shlr/spp/spp.c b/shlr/spp/spp.c
index 7737976247..da837a520e 100644
--- a/shlr/spp/spp.c
+++ b/shlr/spp/spp.c
@@ -152,7 +152,7 @@ retry:
 delta = strlen (tag_post);
 /* (pre) tag */
- ptr = strstr (buf, tag_pre);
+ ptr = tag_pre? strstr (buf, tag_pre): NULL;
 if (ptr) {
 D printf ("==> 0.0 (%s)\n", ptr);
 incmd = 1;
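Review bot: In the spp_sub hunk, `r_sys_setenv (buf, eq + 1)` stores the raw right-hand operand in the variable rather than the computed difference, so the subtraction survives only as the return value; if `sub` is meant to update the variable, the stored text should come from `ret`, e.g. `char tmp[32]; snprintf (tmp, sizeof tmp, "%d", ret); r_sys_setenv (buf, tmp);`. The return also changes from an unconditional `0` to `ret`, which is a behavioural change for whatever consumes TAG_CALLBACK results, so it is worth confirming that a non-zero return is not treated as an error there. Both `atoi` calls give no overflow or syntax diagnostics on text taken from the preprocessed input; `strtol` with an `endptr` check would let the `/* syntax error */` branch actually catch malformed operands. The TAG_CALLBACK signature and the `echo`/`ifl` state are defined outside the hunk.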
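Review bot: The new guard in the -152 hunk makes `ptr` NULL when `tag_pre` is unset, but the context line `delta = strlen (tag_post);` two lines above still dereferences `tag_post` unconditionally; if a processor can legitimately lack `tag_pre`, it is plausible that it can lack `tag_post` as well, in which case that line crashes before the new guard is reached. If so, guard it the same way: `delta = tag_post? strlen (tag_post): 0;`. Where `tag_pre` and `tag_post` are assigned, and the enclosing `retry:` loop, are outside the hunk.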
@@ -177,15 +177,16 @@ retry:
 if (ptrr < ptr2) {
 char *p = strdup (ptr2 + 2);
 char *s = spp_run_str (ptrr + strlen (tag_pre), NULL);
- D fprintf (stderr, "strcpy(%s)(%s)\n",ptrr, s);
+ D fprintf (stderr, "strcpy(%s)(%s)\n", ptrr, s);
 strcpy (ptrr, s);
 free (s);
 ptr[-2] = tag_pre[0]; // XXX -2 check underflow?
- D fprintf(stderr, "strcat(%s)(%s)\n",ptrr, p);
- strcat(ptrr, p);
- buf = ptr-2;
- D fprintf(stderr, "CONTINUE (%s)\n", buf);
+ D fprintf (stderr, "strcat(%s)(%s)\n", ptrr, p);
+ strcat (ptrr, p);
+ buf = ptr - 2;
+ D fprintf (stderr, "CONTINUE (%s)\n", buf);
+ free (p);
 ptrr = NULL;
 goto retry;
 }
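Review bot: `strcpy (ptrr, s)` and `strcat (ptrr, p)` write the tag expansion back into the caller's buffer with no bound, and the hunk reformats `strcat` without adding one; `s` is the output of `spp_run_str` and can be longer than the `tag_pre ... tag_post` text it replaces, so the write overruns `buf` unless the buffer is sized for the worst-case expansion, which nothing in the hunk shows. The results of `strdup` and `spp_run_str` are also used unchecked, and `strcpy` with a NULL source is undefined behaviour, so on allocation failure this path should free what it holds and abandon the substitution rather than continue. A bounded rewrite needs the buffer's capacity, which is not visible here: pass it in (or compare `strlen (s) + strlen (p)` against the remaining space) and bail out when the expansion does not fit. The enclosing function, the definition of `buf`, and the `retry:` loop are all outside the hunk.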