First few fixes for infer scans

Fixes a few memleaks and several NULL dereferences

Signed-off-by: Riccardo Schirone <sirmy15@gmail.com>

binr/radiff2/radiff2.c

@@ -34,6 +34,7 @@ static RCore* opencore(const char *f) {
 	const ut64 baddr = UT64_MAX;
 	RCore *c = r_core_new ();
 	r_core_loadlibs (c, R_CORE_LOADLIBS_ALL, NULL);
+	if (!c) return NULL;
 	r_config_set_i (c->config, "io.va", useva);
 	r_config_set_i (c->config, "anal.split", true);
 	if (f) {

binr/rafind2/rafind2.c

@@ -89,6 +89,7 @@ static int rafind_open(char *file) {
 
 	r_cons_new ();
 	rs = r_search_new (mode);
+	if (!rs) return 1;
 	buf = calloc (1, bsize);
 	if (!buf) {
 		eprintf ("Cannot allocate %"PFMT64d" bytes\n", bsize);

libr/anal/bb.c

@@ -81,6 +81,7 @@ R_API int r_anal_bb(RAnal *anal, RAnalBlock *bb, ut64 addr, ut8 *buf, ut64 len,
 			break;
 		}
 		if (oplen < 1) {
+			r_anal_op_free (op);
 			return R_ANAL_RET_END;
 		}
 
@@ -173,6 +174,7 @@ R_API void r_anal_bb_set_offset(RAnalBlock *bb, int i, ut16 v) {
 		if (i >= bb->n_op_pos) {
 			bb->n_op_pos = i * 2;
 			bb->op_pos = realloc (bb->op_pos, bb->n_op_pos * sizeof (*bb->op_pos));
+			if (!bb->op_pos) return;
 		}
 		bb->op_pos[i - 1] = v;
 	}

libr/anal/cc.c

@@ -13,6 +13,7 @@ NOTES
 
 R_API RAnalCC* r_anal_cc_new () {
 	RAnalCC *cc = R_NEW (RAnalCC);
+	if (!cc) return NULL;
 	r_anal_cc_init (cc);
 	return cc;
 }

libr/anal/cond.c

@@ -44,6 +44,7 @@ R_API void r_anal_cond_free (RAnalCond *c) {
 // XXX?
 R_API RAnalCond *r_anal_cond_clone(RAnalCond *cond) {
 	RAnalCond *c = R_NEW (RAnalCond);
+	if (!c) return NULL;
 	memcpy (c, cond, sizeof (RAnalCond));
 	return c;
 }

libr/anal/data.c

@@ -94,6 +94,10 @@ R_API char *r_anal_data_to_string(RAnalData *d) {
 	if (!d) return NULL;
 
 	line = malloc (mallocsz);
+	if (!line) {
+		eprintf ("Cannot allocate %"PFMT64d" bytes\n", mallocsz);
+		return NULL;
+	}
 	snprintf (line, mallocsz, "0x%08" PFMT64x "  ", d->addr);
 	n32 = (ut32)d->ptr;
 	len = R_MIN (d->len, 8);
@@ -179,6 +183,10 @@ R_API RAnalData *r_anal_data_new_string(ut64 addr, const char *p, int len, int t
 		memcpy (ad->str, p, len);
 		ad->str[len] = 0;
 		ad->buf = malloc (len + 1);
+		if (!ad->buf) {
+			eprintf ("Cannot allocate %"PFMT64d" bytes\n", len + 1);
+			return NULL;
+		}
 		memcpy (ad->buf, ad->str, len + 1);
 		ad->len = len + 1; // string length + \x00
 	}

libr/anal/esil2reil.c

@@ -159,6 +159,7 @@ void reil_cast_size(RAnalEsil *esil, RAnalReilArg *src, RAnalReilArg *dst) {
 	snprintf (tmp_buf, REGBUFSZ-1, "0:%d", dst->size);
 	r_anal_esil_push (esil, tmp_buf);
 	ins = R_NEW0 (RAnalReilInst);
+	if (!ins) return;
 	ins->opcode = REIL_OR;
 	ins->arg[0] = src;
 	ins->arg[1] = reil_pop_arg (esil);
@@ -197,10 +198,19 @@ static int reil_eq(RAnalEsil *esil) {
 	} else if (src_type == ARG_REG) {
 		// No direct register to register transfer.
 		ins = R_NEW0 (RAnalReilInst);
+		if (!ins) return false;
 		ins->opcode = REIL_STR;
 		ins->arg[0] = src;
 		ins->arg[1] = R_NEW0(RAnalReilArg);
+		if (!ins->arg[1]) {
+			reil_free_inst (ins);
+			return false;
+		}
 		ins->arg[2] = R_NEW0(RAnalReilArg);
+		if (!ins->arg[2]) {
+			reil_free_inst(ins);	 
+			return false;
+		}
 		reil_make_arg(esil, ins->arg[1], " ");
 		get_next_temp_reg(esil, tmp_buf);
 		reil_make_arg(esil, ins->arg[2], tmp_buf);
@@ -213,12 +223,21 @@ static int reil_eq(RAnalEsil *esil) {
 
 	// First, make a copy of the dst. We will need this to set the flags later on.
 	ins = R_NEW0 (RAnalReilInst);
+	if (!ins) return false;
 	dst_type = dst->type;
 	if (src_type != ARG_ESIL_INTERNAL && dst_type == ARG_REG) {
 		ins->opcode = REIL_STR;
 		ins->arg[0] = dst;
 		ins->arg[1] = R_NEW0(RAnalReilArg);
+		if (!ins->arg[1]) {
+			reil_free_inst (ins);
+			return false;
+		}
 		ins->arg[2] = R_NEW0(RAnalReilArg);
+		if (!ins->arg[2]) {
+			reil_free_inst(ins);	 
+			return false;
+		}
 		reil_make_arg(esil, ins->arg[1], " ");
 		get_next_temp_reg(esil, tmp_buf);
 		reil_make_arg(esil, ins->arg[2], tmp_buf);
@@ -286,7 +305,14 @@ static int reil_binop(RAnalEsil *esil, RAnalReilOpcode opcode) {
 	ins->opcode = opcode;
 	ins->arg[0] = op2;
 	ins->arg[1] = op1;
+	if (!ins->arg[1]) return false;
 	ins->arg[2] = R_NEW0(RAnalReilArg);
+	if (!ins->arg[2])  {
+		R_FREE (op1);
+		R_FREE (op2);
+		reil_free_inst (ins);
+		return false;
+	}
 	get_next_temp_reg(esil, tmp_buf);
 	reil_make_arg(esil, ins->arg[2], tmp_buf);
 	// Choose the larger of the two sizes as the size of dst
@@ -351,10 +377,21 @@ static int reil_cmp(RAnalEsil *esil) {
 	}
 
 	ins = R_NEW0 (RAnalReilInst);
+	if (!ins) {
+		R_FREE (op1);
+		R_FREE (op2);
+		return false;
+	}
 	ins->opcode = REIL_EQ;
 	ins->arg[0] = op2;
 	ins->arg[1] = op1;
 	ins->arg[2] = R_NEW0(RAnalReilArg);
+	if (!ins->arg[2]) {
+		R_FREE (op1);
+		R_FREE (op2);
+		reil_free_inst (ins);
+		return false;
+	}
 	get_next_temp_reg(esil, tmp_buf);
 	reil_make_arg(esil, ins->arg[2], tmp_buf);
 	ins->arg[2]->size = 1;
@@ -491,11 +528,22 @@ static int reil_neg(RAnalEsil *esil) {
 	if (!op) return false;
 
 	ins = R_NEW0 (RAnalReilInst);
+	if (!ins) return false;
 	ins->opcode = REIL_EQ;
 	ins->arg[0] = op;
 	r_anal_esil_pushnum (esil, 0);
 	ins->arg[1] = reil_pop_arg(esil);
+	if (!ins->arg[1]) {
+		R_FREE (op);
+		reil_free_inst (ins);
+		return false;
+	}
 	ins->arg[2] = R_NEW0 (RAnalReilArg);
+	if (!ins->arg[2]) {
+		R_FREE (op);
+		reil_free_inst (ins);
+		return false;
+	}
 	get_next_temp_reg(esil, tmp_buf);
 	reil_make_arg(esil, ins->arg[2], tmp_buf);
 	if (ins->arg[0]->size < ins->arg[1]->size)

libr/core/core.c

@@ -453,6 +453,7 @@ static ut64 num_callback(RNum *userptr, const char *str, int *ok) {
 
 R_API RCore *r_core_new() {
 	RCore *c = R_NEW0 (RCore);
+	if (!c) return NULL;
 	r_core_init (c);
 	return c;
 }