Fix memleaks in the ragg2 xor key thing

2025-02-26 00:55:59 +00:00 · 2016-03-06 23:38:09 +01:00 · 2016-03-06 23:38:09 +01:00 · c9267523ac
commit c9267523ac
parent c959e2032d
1 changed files with 13 additions and 5 deletions
--- a/libr/egg/p/egg_xor.c
+++ b/libr/egg/p/egg_xor.c
@ -1,21 +1,26 @@
-/* radare - LGPL - Copyright 2011-2012 - pancake */
+/* radare - LGPL - Copyright 2011-2016 - pancake */
+
 /* based on @santitox patch */
 #include <r_egg.h>

+#define DEFAULT_XOR_KEY "0xFF"
+
 static RBuffer *build (REgg *egg) {
 	RBuffer *buf, *sc;
 	ut8 aux[32], nkey;
-	const char *default_key="0xff";//default key
-	int i;
+	const char *default_key = DEFAULT_XOR_KEY;
 	char *key = r_egg_option_get (egg, "key");
+	int i;

 	if (!key || !*key) {
-		key = default_key;
-		printf ("XOR key not provided. Using (%s) as the key\n",key);
+		free (key);
+		key = strdup (default_key);
+		eprintf ("XOR key not provided. Using (%s) as the key\n", key);
 	}
 	nkey = r_num_math (NULL, key);
 	if (nkey == 0) {
 		eprintf ("Invalid key (%s)\n", key);
+		free (key);
 		return R_FALSE;
 	}
 	if (nkey != (nkey & 0xff)) {
@ -24,6 +29,7 @@ static RBuffer *build (REgg *egg) {
 	}
 	if (egg->bin->length > 240) { // XXX
 		eprintf ("shellcode is too long :(\n");
+		free (key);
 		return NULL;
 	}
 	sc = egg->bin; // hack
@ -31,6 +37,7 @@ static RBuffer *build (REgg *egg) {
 		// eprintf ("%02x -> %02x\n", sc->buf[i], sc->buf[i] ^nkey);
 		if ((sc->buf[i]^nkey)==0) {
 			eprintf ("This xor key generates null bytes. Try again.\n");
+			free (key);
 			return NULL;
 		}
 	}
@ -70,6 +77,7 @@ static RBuffer *build (REgg *egg) {
 		r_buf_append_buf (buf, sc);
 	}
 	r_buf_free (sc);
+	free (key);
 	return buf;
 }