From 6d63b3fbed045d851d7741124872da6c82bea029 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Thu, 21 Feb 2019 16:17:49 +0100 Subject: [PATCH] fix: mem leaks. --- client/cmdhffelica.c | 6 +++--- client/cmdhficlass.c | 2 +- client/cmdhfmf.c | 9 +++++++-- client/cmdhfmfu.c | 2 ++ client/cmdsmartcard.c | 4 +++- client/emv/cmdemv.c | 1 + client/loclass/elite_crack.c | 5 +++-- client/loclass/fileutils.c | 9 +++++++-- client/loclass/ikeys.c | 2 +- 9 files changed, 28 insertions(+), 12 deletions(-) diff --git a/client/cmdhffelica.c b/client/cmdhffelica.c index 07422f419..acfc68cf2 100644 --- a/client/cmdhffelica.c +++ b/client/cmdhffelica.c @@ -242,7 +242,7 @@ static void printSep() { PrintAndLogEx(NORMAL, "------------------------------------------------------------------------------------"); } -uint16_t PrintFliteBlock(uint16_t tracepos, uint8_t *trace,uint16_t tracelen) { +uint16_t PrintFliteBlock(uint16_t tracepos, uint8_t *trace, uint16_t tracelen) { if (tracepos+19 >= tracelen) return tracelen; @@ -273,8 +273,8 @@ uint16_t PrintFliteBlock(uint16_t tracepos, uint8_t *trace,uint16_t tracelen) { case 0x0c: PrintAndLogEx(NORMAL, "S_PAD12: %s",line);break; case 0x0d: PrintAndLogEx(NORMAL, "S_PAD13: %s",line);break; case 0x0E: { - uint32_t regA = trace[3] + (trace[4]>>8) + (trace[5]>>16) + (trace[6]>>24); - uint32_t regB = trace[7] + (trace[8]>>8) + (trace[9]>>16) + (trace[10]>>24); + uint32_t regA = trace[3] | trace[4] << 8 | trace[5] << 16 | trace[ 6] << 24; + uint32_t regB = trace[7] | trace[8] << 8 | trace[9] << 16 | trace[10] << 24; line[0] = 0; for (int j = 0; j < 8; j++) snprintf(line+( j * 2),110, "%02x", trace[j+11]); diff --git a/client/cmdhficlass.c b/client/cmdhficlass.c index 746146758..ddc6fb2c0 100644 --- a/client/cmdhficlass.c +++ b/client/cmdhficlass.c @@ -2163,7 +2163,7 @@ int CmdHFiClassLookUp(const char *Cmd) { uint8_t CSN[8]; uint8_t EPURSE[8] = { 0,0,0,0,0,0,0,0 }; - uint8_t MACS[8]; + uint8_t MACS[8]= { 0,0,0,0,0,0,0,0 }; uint8_t CCNR[12]; uint8_t MAC_TAG[4] = { 0,0,0,0 }; diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 78a9ed138..57cf246da 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -1245,8 +1245,10 @@ int CmdHF14AMfNested(const char *Cmd) { // Create dump file if (createDumpFile) { fptr = GenerateFilename("hf-mf-", "-key.bin"); - if (fptr == NULL) + if (fptr == NULL) { + free(e_sector); return 1; + } if ((fkeys = fopen(fptr, "wb")) == NULL) { PrintAndLogEx(WARNING, "could not create file " _YELLOW_(%s), fptr); @@ -1276,6 +1278,8 @@ int CmdHF14AMfNested(const char *Cmd) { } free(e_sector); } + + free(e_sector); return 0; } @@ -1971,7 +1975,8 @@ out: if (createDumpFile) { fptr = GenerateFilename("hf-mf-", "-key.bin"); if (fptr == NULL) { - free(keyBlock); + free(keyBlock); + free(e_sector); return 1; } diff --git a/client/cmdhfmfu.c b/client/cmdhfmfu.c index e583f7f02..d703f980d 100644 --- a/client/cmdhfmfu.c +++ b/client/cmdhfmfu.c @@ -1982,6 +1982,7 @@ int CmdHF14AMfURestore(const char *Cmd){ uint8_t *dump = calloc(fsize, sizeof(uint8_t)); if ( !dump ) { PrintAndLogEx(WARNING, "Failed to allocate memory"); + fclose(f); return 1; } @@ -1990,6 +1991,7 @@ int CmdHF14AMfURestore(const char *Cmd){ fclose(f); if ( bytes_read < 48 ) { PrintAndLogEx(WARNING, "Error, dump file is too small"); + free(dump); return 1; } diff --git a/client/cmdsmartcard.c b/client/cmdsmartcard.c index 9496b5445..3860496de 100644 --- a/client/cmdsmartcard.c +++ b/client/cmdsmartcard.c @@ -1022,8 +1022,10 @@ int CmdSmartBruteforceSFI(const char *Cmd) { return 1; PrintAndLogEx(INFO, "Selecting card"); - if ( !smart_select(false, NULL) ) + if ( !smart_select(false, NULL) ) { + free(buf); return 1; + } char* caid = NULL; diff --git a/client/emv/cmdemv.c b/client/emv/cmdemv.c index 98bc389f4..94df507de 100644 --- a/client/emv/cmdemv.c +++ b/client/emv/cmdemv.c @@ -1807,6 +1807,7 @@ int CmdEMVRoca(const char *cmd) { PrintAndLogEx(ERR, "Can't create PDOL data."); tlvdb_free(tlvRoot); DropFieldEx( channel ); + free(pdol_data_tlv); return 6; } PrintAndLogEx(INFO, "PDOL data[%d]: %s", pdol_data_tlv_data_len, sprint_hex(pdol_data_tlv_data, pdol_data_tlv_data_len)); diff --git a/client/loclass/elite_crack.c b/client/loclass/elite_crack.c index 6619e7aaa..630fa72a6 100644 --- a/client/loclass/elite_crack.c +++ b/client/loclass/elite_crack.c @@ -538,18 +538,19 @@ int bruteforceFile(const char *filename, uint16_t keytable[]) { if (fsize < 0) { PrintAndLogDevice(WARNING, "Error, when getting filesize"); - if (f) fclose(f); + fclose(f); return 1; } uint8_t *dump = calloc(fsize, sizeof(uint8_t)); if ( !dump ) { PrintAndLogDevice(WARNING, "Failed to allocate memory"); + fclose(f); return 2; } size_t bytes_read = fread(dump, 1, fsize, f); - if (f) fclose(f); + fclose(f); if (bytes_read < fsize) { PrintAndLogDevice(WARNING, "Error, could only read %d bytes (should be %d)", bytes_read, fsize ); diff --git a/client/loclass/fileutils.c b/client/loclass/fileutils.c index da91b21ec..6ce7c42ea 100644 --- a/client/loclass/fileutils.c +++ b/client/loclass/fileutils.c @@ -266,8 +266,8 @@ int loadFile(const char *preferredName, const char *suffix, void* data, size_t* FILE *f = fopen(fileName, "rb"); if ( !f ) { PrintAndLogDevice(WARNING, "file not found or locked. '" _YELLOW_(%s)"'", fileName); - retval = 1; - goto out; + free(fileName); + return 1; } // get filesize in order to malloc memory @@ -310,7 +310,12 @@ int loadFile(const char *preferredName, const char *suffix, void* data, size_t* out: fclose(f); + + if (data) + free(data); + free(fileName); + return retval; } diff --git a/client/loclass/ikeys.c b/client/loclass/ikeys.c index 2d14959ca..16b5513b7 100644 --- a/client/loclass/ikeys.c +++ b/client/loclass/ikeys.c @@ -685,7 +685,7 @@ static bool readKeyFile(uint8_t key[8]) { sprintf(filename, "%s.bin", "client/loclass/iclass_key"); } - if ( filename == NULL ) + if ( strlen(filename) == 0 ) return retval; FILE *f = fopen(filename, "rb");