diff --git a/libr/bin/bin.c b/libr/bin/bin.c index e484afc837..b751101511 100644 --- a/libr/bin/bin.c +++ b/libr/bin/bin.c @@ -78,6 +78,7 @@ R_API RBinXtrData *r_bin_xtrdata_new(void *xtr_obj, FREE_XTR free_xtr, RBuffer * return data; } data = R_NEW0 (RBinXtrData); + if (!data) return NULL; data->xtr_obj = xtr_obj; data->free_xtr = free_xtr; data->buf = tb; @@ -751,7 +752,7 @@ R_API int r_bin_load_io_at_offset_as_sz(RBin *bin, RIODesc *desc, ut64 baseaddr, if (!binfile) { binfile = r_bin_file_new_from_bytes (bin, desc->name, buf_bytes, sz, file_sz, bin->rawstr, baseaddr, loadaddr, desc->fd, name, NULL, offset); - } + } #if 0 else { free (buf_bytes); // possible UAF @@ -872,9 +873,9 @@ static RBinFile *r_bin_file_xtr_load_bytes(RBin *bin, RBinXtrPlugin *xtr, const if (!bf) { if (!bin) return NULL; bf = r_bin_file_create_append (bin, filename, bytes, sz, file_sz, rawstr, fd, xtr->name); - if (!bf) + if (!bf) return bf; - if (!bin->cur) + if (!bin->cur) bin->cur = bf; } if (idx == 0 && xtr && bytes) { @@ -974,6 +975,7 @@ static RBinObject *r_bin_object_new(RBinFile *binfile, RBinPlugin *plugin, ut64 ut64 bytes_sz = binfile? r_buf_size (binfile->buf): 0; Sdb *sdb = binfile? binfile->sdb: NULL; RBinObject *o = R_NEW0 (RBinObject); + if (!o) return NULL; o->obj_size = bytes && (bytes_sz >= sz + offset)? sz: 0; o->boffset = offset; o->id = r_num_rand (0xfffff000); @@ -1047,6 +1049,7 @@ static int r_bin_file_set_bytes(RBinFile *binfile, const ut8 *bytes, ut64 sz) { static RBinFile *r_bin_file_new(RBin *bin, const char *file, const ut8 *bytes, ut64 sz, ut64 file_sz, int rawstr, int fd, const char *xtrname, Sdb *sdb) { RBinFile *binfile = R_NEW0 (RBinFile); + if (!binfile) return NULL; r_bin_file_set_bytes (binfile, bytes, sz); @@ -1456,6 +1459,7 @@ R_API RBin *r_bin_new() { bin->binxtrs->free = free; for (i = 0; bin_xtr_static_plugins[i]; i++) { static_xtr_plugin = R_NEW0 (RBinXtrPlugin); + if (!static_xtr_plugin) return NULL; *static_xtr_plugin = *bin_xtr_static_plugins[i]; r_bin_xtr_add (bin, static_xtr_plugin); } diff --git a/libr/bin/mangling/microsoft_demangle.c b/libr/bin/mangling/microsoft_demangle.c index c2eeaae780..959546fc41 100644 --- a/libr/bin/mangling/microsoft_demangle.c +++ b/libr/bin/mangling/microsoft_demangle.c @@ -291,6 +291,7 @@ int get_namespace_and_name( char *buf, STypeCodeStr *type_code_str, { int i = 0; str_info = (SStrInfo *) malloc(sizeof(SStrInfo)); + if (!str_info) break;d i = get_template(buf + 1, str_info); if (!i) { R_FREE(str_info); diff --git a/libr/bin/pdb/dbi.c b/libr/bin/pdb/dbi.c index 5dd52197ee..25fd10948a 100644 --- a/libr/bin/pdb/dbi.c +++ b/libr/bin/pdb/dbi.c @@ -132,30 +132,32 @@ void parse_dbi_stream(void *parsed_pdb_stream, R_STREAM_FILE *stream_file) int size = 0, sz = 0; int i = 0; - parse_dbi_header(&dbi_stream->dbi_header, stream_file); - pos += sizeof(SDBIHeader) - 2; // 2 because enum in C equal to 4, but + parse_dbi_header (&dbi_stream->dbi_header, stream_file); + pos += sizeof (SDBIHeader) - 2; // 2 because enum in C equal to 4, but // to read just 2; - stream_file_seek(stream_file, pos, 0); + stream_file_seek (stream_file, pos, 0); size = dbi_stream->dbi_header.module_size; dbiexhdr_data = (char *) malloc(size); - stream_file_read(stream_file, size, dbiexhdr_data); + if (!dbiexhdr_data) return; + stream_file_read (stream_file, size, dbiexhdr_data); dbi_stream->dbiexhdrs = r_list_new(); p_tmp = dbiexhdr_data; while (i < size) { - dbi_ex_header = (SDBIExHeader *) malloc(sizeof(SDBIExHeader)); + dbi_ex_header = (SDBIExHeader *) malloc (sizeof(SDBIExHeader)); + if (!dbi_ex_header) break; // TODO: rewrite for signature where can to do chech CAN_READ true? - sz = parse_dbi_ex_header(p_tmp, size, dbi_ex_header); + sz = parse_dbi_ex_header (p_tmp, size, dbi_ex_header); if ((sz % _ALIGN)) { sz = sz + (_ALIGN - (sz % _ALIGN)); } i += sz; p_tmp += sz; - r_list_append(dbi_stream->dbiexhdrs, dbi_ex_header); + r_list_append (dbi_stream->dbiexhdrs, dbi_ex_header); } - free(dbiexhdr_data); + free (dbiexhdr_data); // "Section Contribution" stream_file_seek(stream_file, dbi_stream->dbi_header.seccon_size, 1); diff --git a/libr/bin/pdb/fpo.c b/libr/bin/pdb/fpo.c index e57f0c4264..54ab96f90e 100644 --- a/libr/bin/pdb/fpo.c +++ b/libr/bin/pdb/fpo.c @@ -101,26 +101,31 @@ void parse_fpo_new_stream(void *stream, R_STREAM_FILE *stream_file) SFPO_DATA_V2 *fpo_data = 0; SFPONewStream *fpo_stream = 0; - stream_file_get_size(stream_file, &data_size); - data = (char *) malloc(data_size); - stream_file_get_data(stream_file, data); + stream_file_get_size (stream_file, &data_size); + data = (char *) malloc (data_size); + if (!data) return; + stream_file_get_data (stream_file, data); fpo_stream = (SFPONewStream *) stream; - fpo_stream->fpo_data_list = r_list_new(); + fpo_stream->fpo_data_list = r_list_new (); curr_read_bytes = 0; ptmp = data; while (read_bytes < data_size) { - fpo_data = (SFPO_DATA_V2 *) malloc(sizeof(SFPO_DATA_V2)); - curr_read_bytes = parse_fpo_data_v2(ptmp, data_size, &read_bytes, fpo_data); + fpo_data = (SFPO_DATA_V2 *) malloc (sizeof(SFPO_DATA_V2)); + if (!fpo_data) { + free (data); + return; + } + curr_read_bytes = parse_fpo_data_v2 (ptmp, data_size, &read_bytes, fpo_data); ptmp += curr_read_bytes; if (!curr_read_bytes) { - free(fpo_data); + free (fpo_data); break; } - r_list_append(fpo_stream->fpo_data_list, fpo_data); + r_list_append (fpo_stream->fpo_data_list, fpo_data); } - free(data); + free (data); } diff --git a/libr/bin/pdb/gdata.c b/libr/bin/pdb/gdata.c index 789e1a8d1b..9c41826f97 100644 --- a/libr/bin/pdb/gdata.c +++ b/libr/bin/pdb/gdata.c @@ -34,11 +34,16 @@ void parse_gdata_stream(void *stream, R_STREAM_FILE *stream_file) { if (len == 0) break; data = (char *) malloc(len); + if (!data) return; stream_file_read(stream_file, len, data); leaf_type = *(unsigned short *) (data); if ((leaf_type == 0x110E) || (leaf_type == 0x1009)) { global = (SGlobal *) malloc(sizeof(SGlobal)); + if (!global) { + free (data); + return; + } global->leaf_type = leaf_type; parse_global(data + 2, len, global); r_list_append(data_stream->globals_list, global); diff --git a/libr/bin/pdb/omap.c b/libr/bin/pdb/omap.c index 2097263543..ae0ed79917 100644 --- a/libr/bin/pdb/omap.c +++ b/libr/bin/pdb/omap.c @@ -22,9 +22,10 @@ void parse_omap_stream(void *stream, R_STREAM_FILE *stream_file) SOmapEntry *omap_entry = 0; SOmapStream *omap_stream = 0; - stream_file_get_size(stream_file, &data_size); - data = (char *) malloc(data_size); - stream_file_get_data(stream_file, data); + stream_file_get_size (stream_file, &data_size); + data = (char *) malloc (data_size); + if (!data) return; + stream_file_get_data (stream_file, data); omap_stream = (SOmapStream *) stream; omap_stream->froms = 0; @@ -32,19 +33,18 @@ void parse_omap_stream(void *stream, R_STREAM_FILE *stream_file) curr_read_bytes = 0; ptmp = data; while (read_bytes < data_size) { - omap_entry = (SOmapEntry *) malloc(sizeof(SOmapEntry)); - curr_read_bytes = parse_omap_entry(ptmp, data_size, &read_bytes, omap_entry); - ptmp += curr_read_bytes; - + omap_entry = (SOmapEntry *) malloc (sizeof(SOmapEntry)); + if (!omap_entry) break; + curr_read_bytes = parse_omap_entry (ptmp, data_size, &read_bytes, omap_entry); if (!curr_read_bytes) { - free(omap_entry); + free (omap_entry); break; } - - r_list_append(omap_stream->omap_entries, omap_entry); + ptmp += curr_read_bytes; + r_list_append (omap_stream->omap_entries, omap_entry); } - free(data); + free (data); } /////////////////////////////////////////////////////////////////////////////// @@ -110,23 +110,24 @@ int omap_remap(void *stream, int address) len = r_list_length(omap_stream->omap_entries); if (omap_stream->froms == 0) { - omap_stream->froms = (unsigned int *) malloc(4 * len); - it = r_list_iterator(omap_stream->omap_entries); - while (r_list_iter_next(it)) { - omap_entry = (SOmapEntry *) r_list_iter_get(it); + omap_stream->froms = (unsigned int *) malloc (4 * len); + if (!omap_stream->froms) return -1; + it = r_list_iterator (omap_stream->omap_entries); + while (r_list_iter_next (it)) { + omap_entry = (SOmapEntry *) r_list_iter_get (it); omap_stream->froms[i] = omap_entry->from; i++; } } // mb (len -1) ??? - pos = binary_search(omap_stream->froms, address, 0, (len)); + pos = binary_search (omap_stream->froms, address, 0, (len)); if (omap_stream->froms[pos] != address) { pos -= 1; } - omap_entry = (SOmapEntry *) r_list_get_n(omap_stream->omap_entries, pos); + omap_entry = (SOmapEntry *) r_list_get_n (omap_stream->omap_entries, pos); if (!omap_entry) { return -1; } diff --git a/libr/bin/pdb/pdb.c b/libr/bin/pdb/pdb.c index 4e84bfd349..d1fffcfdfb 100644 --- a/libr/bin/pdb/pdb.c +++ b/libr/bin/pdb/pdb.c @@ -120,6 +120,7 @@ static int init_pdb7_root_stream(R_PDB *pdb, int *root_page_list, int pages_amou stream_file_get_size (&pdb_stream->stream_file, &data_size); data = (char *) calloc (1, data_size); + if (!data) return 0; stream_file_get_data(&pdb_stream->stream_file, data); num_streams = *(int *)data; @@ -255,17 +256,22 @@ static void free_info_stream(void *stream) { /////////////////////////////////////////////////////////////////////////////// #define ADD_INDX_TO_LIST(list, index, stream_size, stream_type, free_func, parse_func) { \ if (index != -1) { \ - SStreamParseFunc *stream_parse_func = R_NEW0(SStreamParseFunc); \ + SStreamParseFunc *stream_parse_func = R_NEW0 (SStreamParseFunc); \ + if (!stream_parse_func) return; \ stream_parse_func->indx = (index); \ stream_parse_func->type = (stream_type); \ stream_parse_func->parse_stream = (parse_func); \ stream_parse_func->free = (free_func); \ if (stream_size) { \ - stream_parse_func->stream = malloc(stream_size); \ + stream_parse_func->stream = malloc (stream_size); \ + if (!stream_parse_func->stream) { \ + R_FREE (stream_parse_func); \ + return; \ + } \ } else { \ stream_parse_func->stream = 0; \ } \ - r_list_append((list), stream_parse_func); \ + r_list_append ((list), stream_parse_func); \ } \ } @@ -322,10 +328,10 @@ static int pdb_read_root(R_PDB *pdb) { SPage *page = 0; SStreamParseFunc *stream_parse_func = 0; - it = r_list_iterator(root_stream->streams_list); - while (r_list_iter_next(it)) { - page = (SPage*) r_list_iter_get(it); - init_r_stream_file(&stream_file, pdb->buf, (int *)page->stream_pages, + it = r_list_iterator (root_stream->streams_list); + while (r_list_iter_next (it)) { + page = (SPage*) r_list_iter_get (it); + init_r_stream_file (&stream_file, pdb->buf, (int *)page->stream_pages, page->num_pages/*root_stream->pdb_stream.pages_amount*/, page->stream_size, root_stream->pdb_stream.page_size); @@ -336,14 +342,14 @@ static int pdb_read_root(R_PDB *pdb) { pdb_info_stream = R_NEW0 (SPDBInfoStream); if (!pdb_info_stream) return 0; pdb_info_stream->free_ = free_info_stream; - parse_pdb_info_stream(pdb_info_stream, &stream_file); - r_list_append(pList, pdb_info_stream); + parse_pdb_info_stream (pdb_info_stream, &stream_file); + r_list_append (pList, pdb_info_stream); break; case ePDB_STREAM_TPI: tpi_stream = R_NEW0 (STpiStream); if (!tpi_stream) return 0; - init_tpi_stream(tpi_stream); - if (!parse_tpi_stream(tpi_stream, &stream_file)) { + init_tpi_stream (tpi_stream); + if (!parse_tpi_stream (tpi_stream, &stream_file)) { free (tpi_stream); return 0; } @@ -352,29 +358,31 @@ static int pdb_read_root(R_PDB *pdb) { case ePDB_STREAM_DBI: { SDbiStream *dbi_stream = R_NEW0 (SDbiStream); - init_dbi_stream(dbi_stream); - parse_dbi_stream(dbi_stream, &stream_file); - r_list_append(pList, dbi_stream); - pdb->pdb_streams2 = r_list_new(); - fill_list_for_stream_parsing(pdb->pdb_streams2, dbi_stream); + if (!dbi_stream) return 0; + init_dbi_stream (dbi_stream); + parse_dbi_stream (dbi_stream, &stream_file); + r_list_append (pList, dbi_stream); + pdb->pdb_streams2 = r_list_new (); + fill_list_for_stream_parsing (pdb->pdb_streams2, dbi_stream); break; } default: - find_indx_in_list(pdb->pdb_streams2, i, &stream_parse_func); + find_indx_in_list (pdb->pdb_streams2, i, &stream_parse_func); if (stream_parse_func) { if (stream_parse_func->parse_stream) { - stream_parse_func->parse_stream(stream_parse_func->stream, + stream_parse_func->parse_stream (stream_parse_func->stream, &stream_file); break; } } pdb_stream = R_NEW0 (R_PDB_STREAM); - init_r_pdb_stream(pdb_stream, pdb->buf, (int *)page->stream_pages, + if (!pdb_stream) return 0; + init_r_pdb_stream (pdb_stream, pdb->buf, (int *)page->stream_pages, root_stream->pdb_stream.pages_amount, i, page->stream_size, root_stream->pdb_stream.page_size); - r_list_append(pList, pdb_stream); + r_list_append (pList, pdb_stream); break; } @@ -665,6 +673,7 @@ static int build_format_flags(R_PDB *pdb, char *type, int pos, char *res_field, res_field[pos] = '?'; tmp = strtok(NULL, " "); name = (char *) malloc(strlen(tmp) + strlen(*name_field) + 1 + 2); + if (!name) return 0; strcpy(name, tmp); sprintf(name, "(%s)%s", tmp, *name_field); free(*name_field); @@ -735,6 +744,7 @@ static int build_format_flags(R_PDB *pdb, char *type, int pos, char *res_field, res_field[pos] = 'B'; tmp = strtok(NULL, " "); name = (char *) malloc(strlen(tmp) + strlen(*name_field) + 1 + 2); + if (!name) return 0; strcpy(name, tmp); sprintf(name, "(%s)%s", tmp, *name_field); free(*name_field); @@ -800,6 +810,7 @@ int build_flags_format_and_members_field(R_PDB *pdb, ELeafType lt, char *name, case eLF_STRUCTURE: case eLF_UNION: members_field[i] = (char *) malloc(sizeof(char) * strlen(name) + 1); + if (!members_field[i]) return 0; strcpy(members_field[i], name); if (build_format_flags(pdb, type, *pos, format_flags_field, &members_field[i]) == 0) { return 0; @@ -808,6 +819,7 @@ int build_flags_format_and_members_field(R_PDB *pdb, ELeafType lt, char *name, break; case eLF_ENUM: members_field[i] = (char *) malloc(sizeof(char) * strlen(name) + 8 + 1 + 1); // 8 - hex int, 1 - = + if (!members_field[i]) return 0; sprintf(members_field[i], "%s=%08X", name, offset); break; default: diff --git a/libr/bin/pdb/stream_pe.c b/libr/bin/pdb/stream_pe.c index b29e05a768..5e4cf2467d 100644 --- a/libr/bin/pdb/stream_pe.c +++ b/libr/bin/pdb/stream_pe.c @@ -14,6 +14,7 @@ void parse_pe_stream(void *stream, R_STREAM_FILE *stream_file) stream_file_get_size(stream_file, &data_size); data = (char *) malloc(data_size); + if (!data) return; stream_file_get_data(stream_file, data); sctn_header_size = sizeof(SIMAGE_SECTION_HEADER); @@ -21,6 +22,7 @@ void parse_pe_stream(void *stream, R_STREAM_FILE *stream_file) pe_stream->sections_hdrs = r_list_new(); while (read_bytes < data_size) { sctn_header = (SIMAGE_SECTION_HEADER *) malloc (sctn_header_size); + if (!sctn_header) break; memcpy(sctn_header, ptmp, sctn_header_size); ptmp += sctn_header_size; r_list_append(pe_stream->sections_hdrs, sctn_header); diff --git a/libr/bin/pdb/tpi.c b/libr/bin/pdb/tpi.c index d574ef6e36..ae355c899a 100644 --- a/libr/bin/pdb/tpi.c +++ b/libr/bin/pdb/tpi.c @@ -1043,7 +1043,7 @@ static void free_lf_vtshape(void *type) STypeInfo *t = (STypeInfo *) type; SLF_VTSHAPE *lf_vtshape = (SLF_VTSHAPE *) t->type_info; - free(lf_vtshape->vt_descriptors); + free (lf_vtshape->vt_descriptors); lf_vtshape->vt_descriptors = 0; } @@ -1054,25 +1054,25 @@ static void free_tpi_stream(void *stream) RListIter *it; SType *type = NULL; - it = r_list_iterator(tpi_stream->types); - while (r_list_iter_next(it)) { + it = r_list_iterator (tpi_stream->types); + while (r_list_iter_next (it)) { type = (SType *) r_list_iter_get (it); if (!type) { continue; } if (type->type_data.free_) { - type->type_data.free_(&type->type_data); + type->type_data.free_ (&type->type_data); type->type_data.free_ = 0; } if (type->type_data.type_info) { - free(type->type_data.type_info); + free (type->type_data.type_info); type->type_data.free_ = 0; type->type_data.type_info = 0; } free (type); type = NULL; } - r_list_free(tpi_stream->types); + r_list_free (tpi_stream->types); } /////////////////////////////////////////////////////////////////////////////// @@ -1085,26 +1085,30 @@ static void get_array_print_type(void *type, char **name) int need_to_free = 1; int base_type = 0; - base_type = ti->get_element_type(ti, (void **)&t); + base_type = ti->get_element_type (ti, (void **)&t); if (!t) { need_to_free = 0; - print_base_type(base_type, &tmp_name); + print_base_type (base_type, &tmp_name); } else { ti = &t->type_data; - ti->get_print_type(ti, &tmp_name); + ti->get_print_type (ti, &tmp_name); } - name_len = strlen("array: "); + name_len = strlen ("array: "); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) { + if (tmp_name) free (tmp_name); + return; + } // name[name_len] = '\0'; - strcpy(*name, "array: "); + strcpy (*name, "array: "); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); if (need_to_free) { - free(tmp_name); + free (tmp_name); tmp_name = 0; } } @@ -1119,26 +1123,30 @@ static void get_pointer_print_type(void *type, char **name) int need_to_free = 1; int base_type = 0; - base_type = ti->get_utype(ti, (void **)&t); + base_type = ti->get_utype (ti, (void **)&t); if (!t) { need_to_free = 0; - print_base_type(base_type, &tmp_name); + print_base_type (base_type, &tmp_name); } else { ti = &t->type_data; - ti->get_print_type(ti, &tmp_name); + ti->get_print_type (ti, &tmp_name); } - name_len = strlen("pointer to "); + name_len = strlen ("pointer to "); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) { + if (tmp_name) free (tmp_name); + return; + } // name[name_len] = '\0'; strcpy(*name, "pointer to "); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); if (need_to_free) { - free(tmp_name); + free (tmp_name); tmp_name = 0; } } @@ -1153,26 +1161,30 @@ static void get_modifier_print_type(void *type, char **name) int need_to_free = 1; int base_type = 0; - base_type = ti->get_modified_type(ti, (void **)&t); + base_type = ti->get_modified_type (ti, (void **)&t); if (!t) { need_to_free = 0; - print_base_type(base_type, &tmp_name); + print_base_type (base_type, &tmp_name); } else { ti = &t->type_data; - ti->get_print_type(ti, &tmp_name); + ti->get_print_type (ti, &tmp_name); } - name_len = strlen("modifier "); + name_len = strlen ("modifier "); if (tmp_name) - name_len += strlen(tmp_name); + name_len += strlen (tmp_name); *name = (char *) malloc(name_len + 1); + if (!(*name)) { + if (tmp_name) free (tmp_name); + return; + } // name[name_len] = '\0'; - strcpy(*name, "modifier "); + strcpy (*name, "modifier "); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); if (need_to_free) { - free(tmp_name); + free (tmp_name); tmp_name = 0; } } @@ -1182,8 +1194,9 @@ static void get_procedure_print_type(void *type, char **name) { int name_len = 0; - name_len = strlen("proc "); - *name = (char *) malloc(name_len + 1); + name_len = strlen ("proc "); + *name = (char *) malloc (name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; strcpy(*name, "proc "); } @@ -1199,29 +1212,34 @@ static void get_bitfield_print_type(void *type, char **name) int base_type = 0; SLF_BITFIELD *bitfeild_info = (SLF_BITFIELD *)ti->type_info; - base_type = ti->get_base_type(ti, (void **)&t); + base_type = ti->get_base_type (ti, (void **)&t); if (!t) { need_to_free = 0; - print_base_type(base_type, &tmp_name); + print_base_type (base_type, &tmp_name); } else { ti = &t->type_data; - ti->get_print_type(ti, &tmp_name); + ti->get_print_type (ti, &tmp_name); } - name_len = strlen("bitfield "); + name_len = strlen ("bitfield "); if (tmp_name) - name_len += strlen(tmp_name); + name_len += strlen (tmp_name); name_len += 4; - *name = (char *) malloc(name_len + 1 + 1); + *name = (char *) malloc (name_len + 1 + 1); + if (!(*name)) { + if (need_to_free) free (tmp_name); + return; + } + // name[name_len] = '\0'; if (tmp_name) { - sprintf(*name, "%s %s : %d", "bitfield", tmp_name, (int)bitfeild_info->length); + sprintf (*name, "%s %s : %d", "bitfield", tmp_name, (int)bitfeild_info->length); } else { - sprintf(*name, "%s : %d", "bitfield", (int)bitfeild_info->length); + sprintf (*name, "%s : %d", "bitfield", (int)bitfeild_info->length); } if (need_to_free) - free(tmp_name); + free (tmp_name); } /////////////////////////////////////////////////////////////////////////////// @@ -1229,10 +1247,10 @@ static void get_fieldlist_print_type(void *type, char **name) { int name_len = 0; - name_len = strlen("fieldlist "); - *name = (char *) malloc(name_len + 1); + name_len = strlen ("fieldlist "); + *name = (char *) malloc (name_len + 1); // name[name_len] = '\0'; - strcpy(*name, "fieldlist "); + strcpy (*name, "fieldlist "); } /////////////////////////////////////////////////////////////////////////////// @@ -1245,26 +1263,30 @@ static void get_enum_print_type(void *type, char **name) int need_to_free = 1; int base_type = 0; - base_type = ti->get_utype(ti, (void **)&t); + base_type = ti->get_utype (ti, (void **)&t); if (!t) { need_to_free = 0; - print_base_type(base_type, &tmp_name); + print_base_type (base_type, &tmp_name); } else { ti = &t->type_data; - ti->get_print_type(ti, &tmp_name); + ti->get_print_type (ti, &tmp_name); } - name_len = strlen("enum "); + name_len = strlen ("enum "); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) { + if (need_to_free) free (tmp_name); + return; + } // name[name_len] = '\0'; - strcpy(*name, "enum "); + strcpy (*name, "enum "); if (tmp_name) - strcat(*name, tmp_name); + strcat( *name, tmp_name); if (need_to_free) - free(tmp_name); + free (tmp_name); } /////////////////////////////////////////////////////////////////////////////// @@ -1287,6 +1309,7 @@ static void get_class_struct_print_type(void *type, char **name) if (tmp_name) name_len += strlen(tmp_name); *name = (char *) malloc(name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; strcpy(*name, tmp1); if (tmp_name) @@ -1304,10 +1327,11 @@ static void get_arglist_print_type(void *type, char **name) (void) type; int name_len = 0; - name_len = strlen("arg_list"); - *name = (char *) malloc(name_len + 1); + name_len = strlen ("arg_list"); + *name = (char *) malloc (name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; - strcpy(*name, "arg_list"); + strcpy (*name, "arg_list"); // STypeInfo *ti = (STypeInfo *) type; // SType *t = 0; // char *tmp_name = 0; @@ -1341,9 +1365,10 @@ static void get_mfunction_print_type(void *type, char **name) int name_len = 0; name_len = strlen("mfunction "); - *name = (char *) malloc(name_len + 1); + *name = (char *) malloc (name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; - strcpy(*name, "mfunction "); + strcpy (*name, "mfunction "); } /////////////////////////////////////////////////////////////////////////////// @@ -1355,17 +1380,18 @@ static void get_union_print_type(void *type, char **name) int name_len = 0; // lt = ti->leaf_type; - ti->get_name(ti, &tmp_name); + ti->get_name (ti, &tmp_name); tmp1 = "union "; - name_len = strlen(tmp1); + name_len = strlen (tmp1); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; - strcpy(*name, tmp1); + strcpy (*name, tmp1); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); // if (need_to_free) { // free(tmp_name); @@ -1378,10 +1404,11 @@ static void get_vtshape_print_type(void *type, char **name) { int name_len = 0; - name_len = strlen("vtshape"); - *name = (char *) malloc(name_len + 1); + name_len = strlen ("vtshape"); + *name = (char *) malloc (name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; - strcpy(*name, "vthape"); + strcpy (*name, "vthape"); } /////////////////////////////////////////////////////////////////////////////// @@ -1391,17 +1418,18 @@ static void get_enumerate_print_type(void *type, char **name) char *tmp_name = 0, *tmp1 = 0; int name_len = 0; - ti->get_name(ti, &tmp_name); + ti->get_name (ti, &tmp_name); tmp1 = "enumerate "; - name_len = strlen(tmp1); + name_len = strlen (tmp1); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; - strcpy(*name, tmp1); + strcpy (*name, tmp1); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); // if (need_to_free) // free(tmp_name); @@ -1417,34 +1445,38 @@ static void get_nesttype_print_type(void *type, char **name) int need_to_free = 1; int base_type = 0; - base_type = ti->get_index(ti, (void **)&t); + base_type = ti->get_index (ti, (void **)&t); if (!t) { need_to_free = 0; - print_base_type(base_type, &tmp_name); + print_base_type (base_type, &tmp_name); } else { ti = &t->type_data; if (ti->get_print_type != NULL) { - ti->get_print_type(ti, &tmp_name); + ti->get_print_type (ti, &tmp_name); } else { // TODO: need to investigate why this branch can be... // this is possible because there is no support for // parsing METHODLIST... // need to investigate for this theme - eprintf("warning: strange for nesttype\n"); + eprintf ("warning: strange for nesttype\n"); } } - name_len = strlen("nesttype "); + name_len = strlen ("nesttype "); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) { + if (need_to_free) free (tmp_name); + return; + } // name[name_len] = '\0'; - strcpy(*name, "nesttype "); + strcpy (*name, "nesttype "); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); if (need_to_free) - free(tmp_name); + free (tmp_name); } /////////////////////////////////////////////////////////////////////////////// @@ -1454,17 +1486,18 @@ static void get_method_print_type(void *type, char **name) char *tmp_name = 0, *tmp1 = 0; int name_len = 0; - ti->get_name(ti, &tmp_name); + ti->get_name (ti, &tmp_name); tmp1 = "method "; - name_len = strlen(tmp1); + name_len = strlen (tmp1); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; - strcpy(*name, tmp1); + strcpy (*name, tmp1); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); // if (need_to_free) // free(tmp_name); @@ -1480,26 +1513,27 @@ static void get_member_print_type(void *type, char **name) int need_to_free = 1; int base_type = 0; - base_type = ti->get_index(ti, (void **) &t); + base_type = ti->get_index (ti, (void **) &t); if (!t) { need_to_free = 0; - print_base_type(base_type, &tmp_name); + print_base_type (base_type, &tmp_name); } else { ti = &t->type_data; - ti->get_print_type(ti, &tmp_name); + ti->get_print_type (ti, &tmp_name); } - name_len = strlen("(member) "); + name_len = strlen ("(member) "); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) return; // name[name_len] = '\0'; - strcpy(*name, "(member) "); + strcp y(*name, "(member) "); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); if (need_to_free) { - R_FREE(tmp_name); + R_FREE (tmp_name); } } @@ -1513,40 +1547,44 @@ static void get_onemethod_print_type(void *type, char **name) int need_to_free = 1; int base_type = 0; - base_type = ti->get_index(ti, (void **)&t); + base_type = ti->get_index (ti, (void **)&t); if (!t) { need_to_free = 0; - print_base_type(base_type, &tmp_name); + print_base_type (base_type, &tmp_name); } else { ti = &t->type_data; - ti->get_print_type(ti, &tmp_name); + ti->get_print_type (ti, &tmp_name); } - name_len = strlen("onemethod "); + name_len = strlen ("onemethod "); if (tmp_name) - name_len += strlen(tmp_name); - *name = (char *) malloc(name_len + 1); + name_len += strlen (tmp_name); + *name = (char *) malloc (name_len + 1); + if (!(*name)) { + if (need_to_free) free (tmp_name); + return; + } // name[name_len] = '\0'; - strcpy(*name, "onemethod "); + strcpy (*name, "onemethod "); if (tmp_name) - strcat(*name, tmp_name); + strcat (*name, tmp_name); if (need_to_free) - free(tmp_name); + free (tmp_name); } /////////////////////////////////////////////////////////////////////////////// void init_scstring(SCString *cstr, unsigned int size, char *name) { cstr->size = size; - cstr->name = (char *) malloc(size); - strcpy(cstr->name, name); + cstr->name = (char *) malloc (size); + strcpy (cstr->name, name); } /////////////////////////////////////////////////////////////////////////////// void deinit_scstring(SCString *cstr) { - free(cstr->name); + free (cstr->name); } /////////////////////////////////////////////////////////////////////////////// @@ -1565,7 +1603,7 @@ int parse_sctring(SCString *sctr, unsigned char *leaf_data, unsigned int *read_b leaf_data += 1; (*read_bytes) += (c + 1); - init_scstring(sctr, c + 1, (char *)leaf_data - (c + 1)); + init_scstring (sctr, c + 1, (char *)leaf_data - (c + 1)); return 1; } @@ -1577,18 +1615,20 @@ static int parse_sval(SVal *val, unsigned char *leaf_data, unsigned int *read_by READ(*read_bytes, 2, len, val->value_or_type, leaf_data, unsigned short); if (val->value_or_type < eLF_CHAR) { - SCString *sctr = (SCString *) malloc(sizeof(SCString)); - parse_sctring(sctr, leaf_data, read_bytes, len); + SCString *sctr = (SCString *) malloc (sizeof (SCString)); + if (!sctr) return 0; + parse_sctring (sctr, leaf_data, read_bytes, len); val->name_or_val = sctr; } else { switch (val->value_or_type) { case eLF_CHAR: { SVal_LF_CHAR lf_char; - READ(*read_bytes, 2, len, lf_char.value, leaf_data, char); - parse_sctring(&lf_char.name, leaf_data, read_bytes, len); - val->name_or_val = malloc(sizeof(SVal_LF_CHAR)); - memcpy(val->name_or_val, &lf_char, sizeof(SVal_LF_CHAR)); + READ (*read_bytes, 2, len, lf_char.value, leaf_data, char); + parse_sctring (&lf_char.name, leaf_data, read_bytes, len); + val->name_or_val = malloc (sizeof (SVal_LF_CHAR)); + if (!val->name_or_val) break; + memcpy (val->name_or_val, &lf_char, sizeof (SVal_LF_CHAR)); break; } @@ -1599,10 +1639,11 @@ static int parse_sval(SVal *val, unsigned char *leaf_data, unsigned int *read_by // long = 4 bytes for Windows, but not in Linux x64, // so here is using int instead of long when // reading long value - READ(*read_bytes, 4, len, lf_long.value, leaf_data, int); - parse_sctring(&lf_long.name, leaf_data, read_bytes, len); - val->name_or_val = malloc(sizeof(SVal_LF_LONG)); - memcpy(val->name_or_val, &lf_long, sizeof(SVal_LF_LONG)); + READ (*read_bytes, 4, len, lf_long.value, leaf_data, int); + parse_sctring (&lf_long.name, leaf_data, read_bytes, len); + val->name_or_val = malloc (sizeof (SVal_LF_LONG)); + if (!val->name_or_val) break; + memcpy (val->name_or_val, &lf_long, sizeof (SVal_LF_LONG)); break; } case eLF_ULONG: @@ -1613,31 +1654,34 @@ static int parse_sval(SVal *val, unsigned char *leaf_data, unsigned int *read_by // so here is using unsinged int instead of unsigned long when // reading ulong value READ(*read_bytes, 4, len, lf_ulong.value, leaf_data, unsigned int); - parse_sctring(&lf_ulong.name, leaf_data, read_bytes, len); - val->name_or_val = malloc(sizeof(SVal_LF_ULONG)); - memcpy(val->name_or_val, &lf_ulong, sizeof(SVal_LF_ULONG)); + parse_sctring (&lf_ulong.name, leaf_data, read_bytes, len); + val->name_or_val = malloc (sizeof (SVal_LF_ULONG)); + if (!val->name_or_val) break; + memcpy(val->name_or_val, &lf_ulong, sizeof (SVal_LF_ULONG)); break; } case eLF_SHORT: { SVal_LF_SHORT lf_short; - READ(*read_bytes, 2, len, lf_short.value, leaf_data, short); - parse_sctring(&lf_short.name, leaf_data, read_bytes, len); - val->name_or_val = malloc(sizeof(SVal_LF_SHORT)); - memcpy(val->name_or_val, &lf_short, sizeof(SVal_LF_SHORT)); + READ (*read_bytes, 2, len, lf_short.value, leaf_data, short); + parse_sctring (&lf_short.name, leaf_data, read_bytes, len); + val->name_or_val = malloc (sizeof (SVal_LF_SHORT)); + if (!val->name_or_val) break; + memcpy (val->name_or_val, &lf_short, sizeof (SVal_LF_SHORT)); break; } case eLF_USHORT: { SVal_LF_USHORT lf_ushort; - READ(*read_bytes, 2, len, lf_ushort.value, leaf_data, unsigned short); - parse_sctring(&lf_ushort.name, leaf_data, read_bytes, len); - val->name_or_val = malloc(sizeof(SVal_LF_USHORT)); - memcpy(val->name_or_val, &lf_ushort, sizeof(SVal_LF_USHORT)); + READ (*read_bytes, 2, len, lf_ushort.value, leaf_data, unsigned short); + parse_sctring (&lf_ushort.name, leaf_data, read_bytes, len); + val->name_or_val = malloc (sizeof(SVal_LF_USHORT)); + if (!val->name_or_val) break; + memcpy(val->name_or_val, &lf_ushort, sizeof (SVal_LF_USHORT)); break; } default: - printf("parse_sval()::oops\n"); + printf ("parse_sval()::oops\n"); return 0; } } @@ -1924,13 +1968,18 @@ static void init_stype_info(STypeInfo *type_info) } #define PARSE_LF2(lf_type, lf_func_name, type) { \ - STypeInfo *type_info = (STypeInfo *) malloc(sizeof(STypeInfo)); \ - lf_type *lf = (lf_type *) malloc(sizeof(lf_type)); \ - curr_read_bytes = parse_##lf_func_name(lf, p, read_bytes, len); \ + STypeInfo *type_info = (STypeInfo *) malloc (sizeof (STypeInfo)); \ + if (!type_info) return; \ + lf_type *lf = (lf_type *) malloc (sizeof (lf_type)); \ + if (!lf) { \ + free (type_info); \ + return; \ + } \ + curr_read_bytes = parse_##lf_func_name (lf, p, read_bytes, len); \ type_info->type_info = (void *) lf; \ type_info->leaf_type = type; \ - init_stype_info(type_info); \ - r_list_append(lf_fieldlist->substructs, type_info); \ + init_stype_info (type_info); \ + r_list_append (lf_fieldlist->substructs, type_info); \ } /////////////////////////////////////////////////////////////////////////////// @@ -2118,15 +2167,16 @@ static int parse_lf_arglist(SLF_ARGLIST *lf_arglist, unsigned char *leaf_data, u lf_arglist->arg_type = 0; - READ(*read_bytes, 4, len, lf_arglist->count, leaf_data, unsigned int); + READ (*read_bytes, 4, len, lf_arglist->count, leaf_data, unsigned int); - lf_arglist->arg_type = (unsigned int *) malloc(lf_arglist->count * 4); - memcpy(lf_arglist->arg_type, leaf_data, lf_arglist->count * 4); + lf_arglist->arg_type = (unsigned int *) malloc (lf_arglist->count * 4); + if (!lf_arglist->arg_typ) return 0; + memcpy (lf_arglist->arg_type, leaf_data, lf_arglist->count * 4); leaf_data += (lf_arglist->count * 4); *read_bytes += (lf_arglist->count * 4); - PEEK_READ(*read_bytes, 1, len, lf_arglist->pad, leaf_data, unsigned char); - PAD_ALIGN(lf_arglist->pad, *read_bytes, leaf_data, len); + PEEK_READ (*read_bytes, 1, len, lf_arglist->pad, leaf_data, unsigned char); + PAD_ALIGN (lf_arglist->pad, *read_bytes, leaf_data, len); return *read_bytes - tmp_before_read_bytes; } @@ -2217,22 +2267,24 @@ static int parse_lf_vtshape(SLF_VTSHAPE *lf_vtshape, unsigned char *leaf_data, u lf_vtshape->vt_descriptors = 0; - READ(*read_bytes, 2, len, lf_vtshape->count, leaf_data, unsigned short); + READ (*read_bytes, 2, len, lf_vtshape->count, leaf_data, unsigned short); size = (4 * lf_vtshape->count + (lf_vtshape->count % 2) * 4) / 8; - lf_vtshape->vt_descriptors = (char *) malloc(size); - memcpy(lf_vtshape->vt_descriptors, leaf_data, size); + lf_vtshape->vt_descriptors = (char *) malloc (size); + if (!lf_vtshape) return; + memcpy (lf_vtshape->vt_descriptors, leaf_data, size); leaf_data += size; *read_bytes += size; - PEEK_READ(*read_bytes, 1, len, lf_vtshape->pad, leaf_data, unsigned char); - PAD_ALIGN(lf_vtshape->pad, *read_bytes, leaf_data, len); + PEEK_READ (*read_bytes, 1, len, lf_vtshape->pad, leaf_data, unsigned char); + PAD_ALIGN (lf_vtshape->pad, *read_bytes, leaf_data, len); return *read_bytes - tmp_before_read_bytes; } #define PARSE_LF(lf_type, lf_func) { \ lf_type *lf = (lf_type *) malloc(sizeof(lf_type)); \ + if (!lf) return; \ parse_##lf_func(lf, leaf_data + 2, &read_bytes, type->length); \ type->type_data.type_info = (void *) lf; \ init_stype_info(&type->type_data); \ @@ -2247,6 +2299,7 @@ static int parse_tpi_stypes(R_STREAM_FILE *stream, SType *type) { if (type->length<1) return 0; leaf_data = (unsigned char *) malloc(type->length); + if (!leaf_data) return 0; stream_file_read (stream, type->length, (char *)leaf_data); type->type_data.leaf_type = *(unsigned short *)leaf_data; read_bytes += 2; @@ -2272,6 +2325,10 @@ static int parse_tpi_stypes(R_STREAM_FILE *stream, SType *type) { // printf("eLF_POINTER\n"); { SLF_POINTER *lf = (SLF_POINTER *) malloc(sizeof(SLF_POINTER)); \ + if (!lf) { \ + free (leaf_data); \ + return 0; \ + } parse_lf_pointer(lf, leaf_data + 2, &read_bytes, type->length); \ type->type_data.type_info = (void *) lf; \ init_stype_info(&type->type_data); \ @@ -2336,6 +2393,7 @@ int parse_tpi_stream(void *parsed_pdb_stream, R_STREAM_FILE *stream) { for (i = tpi_stream->header.ti_min; i < tpi_stream->header.ti_max; i++) { type = (SType *) malloc(sizeof(SType)); + if (!type) return 0; type->tpi_idx = i; type->type_data.type_info = 0; type->type_data.leaf_type = eLF_MAX;