Fix latest 28 COVs

libr/anal/p/anal_x86_cs.c

@@ -124,7 +124,7 @@ static char *getarg(struct Getarg* gop, int n, int set, char *setop) {
 	case X86_OP_MEM:
 		{
 		// address = (base + (index * scale) + offset)
-		char buf_[64];
+		char buf_[64] = {0};
 		int component_count = 0;
 		const char *base = cs_reg_name (handle, op.mem.base);
 		const char *index = cs_reg_name (handle, op.mem.index);

libr/asm/asm.c

@@ -230,15 +230,17 @@ R_API int r_asm_is_valid(RAsm *a, const char *name) {
 R_API bool r_asm_use_assembler(RAsm *a, const char *name) {
 	RAsmPlugin *h;
 	RListIter *iter;
-	if (a && name && *name) {
-		r_list_foreach (a->plugins, iter, h) {
-			if (h->assemble && !strcmp (h->name, name)) {
-				a->acur = h;
-				return true;
+	if (a) {
+		if (name && *name) {
+			r_list_foreach (a->plugins, iter, h) {
+				if (h->assemble && !strcmp (h->name, name)) {
+					a->acur = h;
+					return true;
+				}
 			}
 		}
+		a->acur = NULL;
 	}
-	a->acur = NULL;
 	return false;
 }
 

libr/core/anal.c

@@ -2347,10 +2347,13 @@ R_API RList* r_core_anal_cycles (RCore *core, int ccl) {
 	ut64 addr = core->offset;
 	int depth = 0;
 	RAnalOp *op = NULL;
-	RAnalCycleFrame *prev = NULL, *cf = r_anal_cycle_frame_new ();
+	RAnalCycleFrame *prev = NULL, *cf = NULL;
 	RAnalCycleHook *ch;
 	RList *hooks = r_list_new ();
-	if (!hooks) return NULL;
+	if (!hooks) {
+		return NULL;
+	}
+	cf = r_anal_cycle_frame_new ();
 	while (cf && !core->cons->breaked) {
 		if ((op = r_core_anal_op (core, addr)) && (op->cycles) && (ccl > 0)) {
 			r_cons_clear_line (1);
@@ -2473,6 +2476,7 @@ R_API RList* r_core_anal_cycles (RCore *core, int ccl) {
 		} else {
 			ch = R_NEW0 (RAnalCycleHook);
 			if (!ch) {
+				r_anal_cycle_frame_free (cf);
 				r_list_free (hooks);
 				return NULL;
 			}

libr/core/cmd_anal.c

@@ -3194,7 +3194,7 @@ static void cmd_anal_hint(RCore *core, const char *input) {
 	case '?':
 		if (input[1]) {
 			ut64 addr = r_num_math (core->num, input+1);
-			r_core_anal_hint_print(core->anal, addr);
+			r_core_anal_hint_print (core->anal, addr);
 		} else r_core_cmd_help (core, help_msg);
 		break;
 	case '.': // ah.
@@ -3753,7 +3753,7 @@ static void cmd_anal_trace(RCore *core, const char *input) {
 		}
 		break;
 	case '-':
-		r_debug_trace_free (core->dbg);
+		r_debug_trace_free (core->dbg->trace);
 		core->dbg->trace = r_debug_trace_new ();
 		break;
 	case ' ':

libr/core/cmd_debug.c

@@ -1903,6 +1903,7 @@ static void r_core_cmd_bp(RCore *core, const char *input) {
 				} else {
 					eprintf ("Missing argument\n");
 				}
+				free (inp);
 			} else {
 				eprintf ("Cannot strdup. Your heap is fucked up\n");
 			}
@@ -2864,7 +2865,7 @@ static int cmd_debug(void *data, const char *input) {
 			break;
 		case '-':
 			r_tree_reset (core->dbg->tree);
-			r_debug_trace_free (core->dbg);
+			r_debug_trace_free (core->dbg->trace);
 			r_debug_tracenodes_reset (core->dbg);
 			core->dbg->trace = r_debug_trace_new ();
 			break;
@@ -3214,12 +3215,15 @@ static int cmd_debug(void *data, const char *input) {
 			eprintf ("Writing to file '%s'\n", corefile);
 			r_file_rm (corefile);
 			RBuffer *dst = r_buf_new ();
-			if (!dst) perror ("r_buf_new_file");
-			if (!core->dbg->h->gcore (core->dbg, dst)) {
-				eprintf ("dg: coredump failed\n");
+			if (dst) {
+				if (!core->dbg->h->gcore (core->dbg, dst)) {
+					eprintf ("dg: coredump failed\n");
+				}
+				r_file_dump (corefile, dst->buf, dst->length, 1);
+				r_buf_free (dst);
+			} else {
+				perror ("r_buf_new_file");
 			}
-			r_file_dump (corefile, dst->buf, dst->length, 1);
-			r_buf_free (dst);
 			free (corefile);
 		}
 		break;

libr/core/disasm.c

@@ -243,9 +243,9 @@ static int cmpaddr(const void *_a, const void *_b) {
 }
 
 static void get_bits_comment(RCore *core, RAnalFunction *f, char *cmt, int cmt_size) {
-	const char *asm_arch = r_config_get (core->config, "asm.arch");
-	if (core && f && cmt && cmt_size>0 && f->bits && asm_arch && *asm_arch) {
-		if (strstr (asm_arch, "arm")) {
+	if (core && f && cmt && cmt_size > 0 && f->bits) {
+		const char *asm_arch = r_config_get (core->config, "asm.arch");
+		if (asm_arch && *asm_arch && strstr (asm_arch, "arm")) {
 			switch (f->bits) {
 			case 16: strcpy (cmt, " (thumb)"); break;
 			case 32: strcpy (cmt, " (arm)"); break;
@@ -2264,8 +2264,9 @@ static void ds_print_ptr(RDisasmState *ds, int len, int idx) {
 						flag = f->name;
 					} else {
 						msg2 = calloc (sizeof (char), len);
-						r_io_read_at (core->io, n, (ut8*)msg2, len-1);
-						kind = r_anal_data_kind (core->anal, p, (const ut8*)msg2, len-1);
+						r_io_read_at (core->io, n, (ut8*)msg2, len - 1);
+						msg2[len-1] = 0;
+						kind = r_anal_data_kind (core->anal, p, (const ut8*)msg2, len - 1);
 						if (kind && !strcmp (kind, "text")) {
 							r_str_filter (msg2, 0);
 							if (*msg2) {

libr/core/visual.c

@@ -373,8 +373,9 @@ static int visual_nkey(RCore *core, int ch) {
 		if (cmd && *cmd) ch = r_core_cmd0 (core, cmd);
 		break;
 	}
-	if (oseek != UT64_MAX)
+	if (oseek != UT64_MAX) {
 		r_core_seek (core, oseek, 0);
+	}
 	return ch;
 }
 
@@ -998,7 +999,9 @@ static bool fix_cursor(RCore *core) {
 	int offscreen = (core->cons->rows - 3) * p->cols;
 	bool res = false;
 
-	if (!core->print->cur_enabled) return false;
+	if (!core->print->cur_enabled) {
+		return false;
+	}
 	if (core->print->screen_bounds > 1) {
 		bool off_is_visible = core->offset < core->print->screen_bounds;
 		bool cur_is_visible = core->offset + p->cur < core->print->screen_bounds;
@@ -1912,11 +1915,12 @@ R_API void r_core_visual_title (RCore *core, int color) {
 		if (curpc && curpc != UT64_MAX && curpc != oldpc) {
 			// check dbg.follow here
 			int follow = (int)(st64)r_config_get_i (core->config, "dbg.follow");
-			if (follow>0) {
-				if ((curpc<core->offset) || (curpc> (core->offset+follow)))
+			if (follow > 0) {
+				if ((curpc<core->offset) || (curpc> (core->offset+follow))) {
 					r_core_seek (core, curpc, 1);
-			} else if (follow<0) {
-				r_core_seek (core, curpc+follow, 1);
+				}
+			} else if (follow < 0) {
+				r_core_seek (core, curpc + follow, 1);
 			}
 			oldpc = curpc;
 		}
@@ -2082,7 +2086,7 @@ R_API int r_core_visual(RCore *core, const char *input) {
 	int wheel, flags, ch;
 	bool skip;
 
-	if (r_cons_get_size (&ch)<1 || ch<1) {
+	if (r_cons_get_size (&ch) < 1 || ch < 1) {
 		eprintf ("Cannot create Visual context. Use scr.fix_{columns|rows}\n");
 		return 0;
 	}
@@ -2109,12 +2113,13 @@ R_API int r_core_visual(RCore *core, const char *input) {
 
 		if (core->printidx == 2) {
 			static char debugstr[512];
-			const char *cmdvhex = r_config_get (core->config, "cmd.stack");
 			const int ref = r_config_get_i (core->config, "dbg.slow");
 			const int pxa = r_config_get_i (core->config, "stack.anotated"); // stack.anotated
 			const int size = r_config_get_i (core->config, "stack.size");
 			const int delta = r_config_get_i (core->config, "stack.delta");
 			const int bytes = r_config_get_i (core->config, "stack.bytes");
+			const char *cmdvhex = r_config_get (core->config, "cmd.stack");
+
 			if (cmdvhex && *cmdvhex) {
 				snprintf (debugstr, sizeof (debugstr),
 					"?0;f tmp;sr SP;%s;?1;%s;?1;s-;"
@@ -2176,12 +2181,14 @@ R_API int r_core_visual(RCore *core, const char *input) {
 	} while (skip || r_core_visual_cmd (core, ch));
 
 	r_cons_enable_mouse (false);
-	if (color)
+	if (color) {
 		r_cons_printf (Color_RESET);
+	}
 	r_config_set_i (core->config, "scr.color", color);
 	core->print->cur_enabled = false;
-	if (autoblocksize)
+	if (autoblocksize) {
 		r_core_block_size (core, obs);
+	}
 	r_cons_singleton ()->teefile = teefile;
 	r_cons_set_cup (false);
 	r_cons_clear00 ();

libr/db/table.c

@@ -1,4 +1,4 @@
-/* radare - LGPL - Copyright 2009-2012 - pancake */
+/* radare - LGPL - Copyright 2009-2016 - pancake */
 
 #include "r_db.h"
 #include "r_util.h"
@@ -38,9 +38,9 @@ beach:
 int r_db_table_key(struct r_db_table_t *table, const char *name) {
 	const char *word;
 	int i;
-	for(i=0;i<table->nelems;i++) {
-		word = r_str_word_get0(table->args, i);
-		if (!strcmp(name, word))
+	for (i = 0; i < table->nelems; i++) {
+		word = r_str_word_get0 (table->args, i);
+		if (!strcmp (name, word))
 			break;
 	}
 	return table->offset[i];
@@ -48,25 +48,23 @@ int r_db_table_key(struct r_db_table_t *table, const char *name) {
 
 /* Get offset of the N field in the table */
 int r_db_table_key_i(struct r_db_table_t *table, int elem) {
-	int key = -1;
-	if (elem>=0 && table->nelems<elem)
-		key = table->offset[elem];
-	return key;
+	return (elem>=0 && table->nelems<elem)
+		? table->offset[elem]
+		: -1;
 }
 
 /* Get name of the N field in the table */
 const char *r_db_table_field_i(struct r_db_table_t *table, int elem) {
-	const char *name = NULL;
-	if (elem>=0 && table->nelems<elem)
-		name = r_str_word_get0 (table->args, elem);
-	return name;
+	return (elem >= 0 && table->nelems < elem)
+		? r_str_word_get0 (table->args, elem)
+		: NULL;
 }
 
 void *r_db_table_free(struct r_db_table_t *table) {
-	if (table->name) free (table->name);
-	if (table->fmt) free (table->fmt);
-	if (table->args) free (table->args);
-	if (table->offset) free (table->offset);
-	if (table) free (table);
+	free (table->name);
+	free (table->fmt);
+	free (table->args);
+	free (table->offset);
+	free (table);
 	return NULL;
 }

libr/debug/p/debug_native.c

@@ -848,9 +848,11 @@ static RList *r_debug_native_modules_get (RDebug *dbg) {
 	if (!list) {
 		return NULL;
 	}
-	last = r_list_new ();
-	if (!last) return NULL;
-	last->free = (RListFree)r_debug_map_free;
+	last = r_list_newf ((RListFree)r_debug_map_free);
+	if (!last) {
+		r_list_free (list);
+		return NULL;
+	}
 	r_list_foreach_safe (list, iter, iter2, map) {
 		const char *file = map->file;
 		if (!map->file) {

libr/fs/fs.c

@@ -169,12 +169,15 @@ R_API bool r_fs_umount(RFS *fs, const char *path) {
 }
 
 R_API RList *r_fs_root(RFS *fs, const char *p) {
-	RList *roots = r_list_new ();
+	RList *roots;
 	RFSRoot *root;
 	RListIter *iter;
 	int len, olen;
 	char *path = strdup (p);
-	if (!path) return NULL;
+	if (!path) {
+		return NULL;
+	}
+	roots = r_list_new ();
 	r_str_chop_path (path);
 	r_list_foreach (fs->roots, iter, root) {
 		len = strlen (root->path);

libr/include/r_core.h

@@ -351,6 +351,7 @@ R_API RList* r_core_anal_graph_to(RCore *core, ut64 addr, int n);
 R_API int r_core_anal_ref_list(RCore *core, int rad);
 R_API int r_core_anal_all(RCore *core);
 R_API RList* r_core_anal_cycles (RCore *core, int ccl);
+R_API void r_core_anal_hint_print (RAnal* a, ut64 addr);
 
 /* asm.c */
 typedef struct r_core_asm_hit {

libr/io/p/io_zip.c

@@ -166,7 +166,9 @@ int r_io_zip_slurp_file(RIOZipFileObj *zfo) {
 	struct zip_file *zFile = NULL;
 	struct zip * zipArch ;
 
-	if (!zfo) return res;
+	if (!zfo) {
+		return res;
+	}
 	zipArch = r_io_zip_open_archive (
 		zfo->archivename, zfo->flags,
 		zfo->mode, zfo->rw);
@@ -202,9 +204,11 @@ RList * r_io_zip_get_files(char *archivename, ut32 flags, int mode, int rw) {
 	char *name;
 	//eprintf("Slurping file");
 	if (zipArch) {
-		files = r_list_new ();
-		if (!files) return NULL;
-		files->free = free;
+		files = r_list_newf (free);
+		if (!files) {
+			zip_close (zipArch);
+			return NULL;
+		}
 		num_entries = zip_get_num_files (zipArch);
 
 		for (i=0; i < num_entries; i++) {
@@ -249,8 +253,9 @@ int r_io_zip_flush_file(RIOZipFileObj *zfo) {
 
 void r_io_zip_free_zipfileobj(RIOZipFileObj *zfo) {
 	if (!zfo) return;
-	if (zfo->modified)
+	if (zfo->modified) {
 		r_io_zip_flush_file (zfo);
+	}
 	free (zfo->name);
 	free (zfo->password);
 	r_buf_free (zfo->b);

libr/io/vio.c

@@ -1,4 +1,4 @@
-/* radare - LGPL - Copyright 2014 - pancake, condret */
+/* radare - LGPL - Copyright 2014-2016 - pancake, condret */
 
 #include <r_io.h>
 
@@ -62,9 +62,11 @@ R_API int r_io_vread (RIO *io, ut64 vaddr, ut8 *buf, int len) {
 	}
 	sections = r_io_section_get_in_vaddr_range (io, vaddr, vaddr+len);
 	if (!r_list_empty (sections)) {						//check if there is any section
-		ranges = r_list_new();
-		if (!ranges) return false;
-		ranges->free = free;
+		ranges = r_list_newf (free);
+		if (!ranges) {
+			r_list_free (sections);
+			return false;
+		}
 		r_list_foreach (sections, iter, section) {
 			if (section->vaddr==0)
 				continue;

libr/reg/arena.c

@@ -52,7 +52,7 @@ R_API bool r_reg_read_regs(RReg *reg, ut8 *buf, const int len) {
 			arena = reg->regset[i].arena;
 		} else {
 			arena = reg->regset[i].arena = R_NEW0 (RRegArena);
-			if (arena) return false;
+			if (!arena) return false;
 			arena->size = len;
 			arena->bytes = malloc (len);
 			if (!arena->bytes) {

libr/util/diff.c

@@ -210,6 +210,8 @@ R_API bool r_diff_buffers_distance(RDiff *d, const ut8 *a, ut32 la, const ut8 *b
 	int *v1 = (int*) calloc ((lb + 1), sizeof (int));	
 	
 	if (!a || !b || la < 1 || lb < 1) {
+		free (v0);
+		free (v1);
 		return false;
 	}
 
@@ -220,6 +222,8 @@ R_API bool r_diff_buffers_distance(RDiff *d, const ut8 *a, ut32 la, const ut8 *b
 		if (similarity) {
 			*similarity = 1.0;
 		}
+		free (v0);
+		free (v1);
 		return true;
 	}
 
@@ -254,5 +258,7 @@ R_API bool r_diff_buffers_distance(RDiff *d, const ut8 *a, ut32 la, const ut8 *b
 			*similarity = (double)1 - diff;
 		}
 	}
+	free (v0);
+	free (v1);
 	return true;
 }

shlr/java/class.c

@@ -4829,6 +4829,7 @@ R_API ut8 * r_bin_java_cp_get_fref_bytes (RBinJavaObj *bin, ut32 *out_sz, ut8 ta
 		if (fnt_bytes) {
 			ut8 *tbuf = malloc (fnt_len + *out_sz);
 			if (!tbuf) {
+				free (bytes);
 				free (fnt_bytes);
 				return NULL;
 			}