summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2019-09-24 17:46:54 +0200
committerDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2019-09-24 17:46:54 +0200
commit8f60ea029a81e1419c4b6f95a1fdf4b166c4efd2 (patch)
tree6b6eb840b3adf3a596da05749b91552c4c9d39ab
parent2354f7b5cfc289fdec95eeecb8d441c20513712b (diff)
Fix memory and pointer leaks in data reader error paths
Make sure that the block cache pointers are reset to NULL after freeing them, the get_block function does not update them on failure. Also, make sure all error paths in the get_block function actually clean up the allocated memory. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
-rw-r--r--lib/sqfs/data_reader.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/sqfs/data_reader.c b/lib/sqfs/data_reader.c
index 2603cfe..19b416b 100644
--- a/lib/sqfs/data_reader.c
+++ b/lib/sqfs/data_reader.c
@@ -57,8 +57,10 @@ static int get_block(sqfs_data_reader_t *data, uint64_t off, uint32_t size,
on_disk_size = SQFS_ON_DISK_BLOCK_SIZE(size);
- if (on_disk_size > unpacked_size)
+ if (on_disk_size > unpacked_size) {
+ free(blk);
return SQFS_ERROR_OVERFLOW;
+ }
if (SQFS_IS_BLOCK_COMPRESSED(size)) {
err = data->file->read_at(data->file, off,
@@ -95,6 +97,7 @@ static int precache_data_block(sqfs_data_reader_t *data, uint64_t location,
return 0;
free(data->data_block);
+ data->data_block = NULL;
ret = get_block(data, location, size, data->block_size,
&data->data_block);
@@ -119,6 +122,7 @@ static int precache_fragment_block(sqfs_data_reader_t *data, size_t idx)
return SQFS_ERROR_OUT_OF_BOUNDS;
free(data->frag_block);
+ data->frag_block = NULL;
ret = get_block(data, data->frag[idx].start_offset,
data->frag[idx].size, data->block_size,