Fixed resource leaks, CID 1639164, 1639165, 1639167, 1639168, 1639169

This commit is contained in:
olszomal 2025-03-31 11:36:58 +02:00 committed by Michał Trojnara
parent 4bd167a8be
commit 4568c890cc

28
appx.c
View File

@ -1488,6 +1488,7 @@ static int zipAppendSignatureFile(BIO *bio, ZIP_FILE *zip, uint8_t *data, uint64
if (!get_current_position(bio, &offset)) { if (!get_current_position(bio, &offset)) {
fprintf(stderr, "Unable to get offset\n"); fprintf(stderr, "Unable to get offset\n");
OPENSSL_free(header.fileName);
OPENSSL_free(dataToWrite); OPENSSL_free(dataToWrite);
return 0; /* FAILED */ return 0; /* FAILED */
} }
@ -1497,6 +1498,7 @@ static int zipAppendSignatureFile(BIO *bio, ZIP_FILE *zip, uint8_t *data, uint64
size_t check; size_t check;
if (!BIO_write_ex(bio, dataToWrite + written, toWrite, &check) if (!BIO_write_ex(bio, dataToWrite + written, toWrite, &check)
|| check != toWrite) { || check != toWrite) {
OPENSSL_free(header.fileName);
OPENSSL_free(dataToWrite); OPENSSL_free(dataToWrite);
return 0; /* FAILED */ return 0; /* FAILED */
} }
@ -1591,6 +1593,7 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
{ {
size_t check; size_t check;
ZIP_LOCAL_HEADER header; ZIP_LOCAL_HEADER header;
int ret = 0;
memset(&header, 0, sizeof(header)); memset(&header, 0, sizeof(header));
if (entry->offsetOfLocalHeader >= (uint64_t)zip->fileSize) { if (entry->offsetOfLocalHeader >= (uint64_t)zip->fileSize) {
@ -1601,7 +1604,7 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
return 0; /* FAILED */ return 0; /* FAILED */
} }
if (!zipReadLocalHeader(&header, zip, entry->compressedSize)) { if (!zipReadLocalHeader(&header, zip, entry->compressedSize)) {
return 0; /* FAILED */ goto out;
} }
if (entry->overrideData) { if (entry->overrideData) {
header.compressedSize = entry->overrideData->compressedSize; header.compressedSize = entry->overrideData->compressedSize;
@ -1612,14 +1615,14 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
if (entry->overrideData) { if (entry->overrideData) {
if (!BIO_write_ex(bio, entry->overrideData->data, entry->overrideData->compressedSize, &check) if (!BIO_write_ex(bio, entry->overrideData->data, entry->overrideData->compressedSize, &check)
|| check != entry->overrideData->compressedSize) { || check != entry->overrideData->compressedSize) {
return 0; /* FAILED */ goto out;
} }
if (entry->compressedSize > (uint64_t)zip->fileSize - entry->offsetOfLocalHeader) { if (entry->compressedSize > (uint64_t)zip->fileSize - entry->offsetOfLocalHeader) {
fprintf(stderr, "Corrupted compressedSize : 0x%08" PRIX64 "\n", entry->compressedSize); fprintf(stderr, "Corrupted compressedSize : 0x%08" PRIX64 "\n", entry->compressedSize);
return 0; /* FAILED */ goto out;
} }
if (fseeko(zip->file, (int64_t)entry->compressedSize, SEEK_CUR) < 0) { if (fseeko(zip->file, (int64_t)entry->compressedSize, SEEK_CUR) < 0) {
return 0; /* FAILED */ goto out;
} }
*sizeOnDisk += entry->overrideData->compressedSize; *sizeOnDisk += entry->overrideData->compressedSize;
} else { } else {
@ -1630,12 +1633,12 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
size_t size = fread(data, 1, toWrite, zip->file); size_t size = fread(data, 1, toWrite, zip->file);
if (size != toWrite) { if (size != toWrite) {
OPENSSL_free(data); OPENSSL_free(data);
return 0; /* FAILED */ goto out;
} }
if (!BIO_write_ex(bio, data, toWrite, &check) if (!BIO_write_ex(bio, data, toWrite, &check)
|| check != toWrite) { || check != toWrite) {
OPENSSL_free(data); OPENSSL_free(data);
return 0; /* FAILED */ goto out;
} }
*sizeOnDisk += toWrite; *sizeOnDisk += toWrite;
len -= toWrite; len -= toWrite;
@ -1654,19 +1657,21 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
} }
if (zip->isZip64) { if (zip->isZip64) {
if (fseeko(zip->file, 24, SEEK_CUR) < 0) { if (fseeko(zip->file, 24, SEEK_CUR) < 0) {
return 0; /* FAILED */ goto out;
} }
*sizeOnDisk += 24; *sizeOnDisk += 24;
} else { } else {
if (fseeko(zip->file, 16, SEEK_CUR) < 0) { if (fseeko(zip->file, 16, SEEK_CUR) < 0) {
return 0; /* FAILED */ goto out;
} }
*sizeOnDisk += 16; *sizeOnDisk += 16;
} }
} }
ret = 1; /* OK */
out:
OPENSSL_free(header.fileName); OPENSSL_free(header.fileName);
OPENSSL_free(header.extraField); OPENSSL_free(header.extraField);
return 1; /* OK */ return ret;
} }
/* /*
@ -1835,6 +1840,8 @@ static size_t zipReadFileData(ZIP_FILE *zip, uint8_t **pData, ZIP_CENTRAL_DIRECT
uncompressedSize = entry->uncompressedSize; uncompressedSize = entry->uncompressedSize;
memset(&header, 0, sizeof(header)); memset(&header, 0, sizeof(header));
if (!zipReadLocalHeader(&header, zip, compressedSize)) { if (!zipReadLocalHeader(&header, zip, compressedSize)) {
OPENSSL_free(header.fileName);
OPENSSL_free(header.extraField);
return 0; /* FAILED */ return 0; /* FAILED */
} }
if (header.fileNameLen != entry->fileNameLen if (header.fileNameLen != entry->fileNameLen
@ -1843,6 +1850,8 @@ static size_t zipReadFileData(ZIP_FILE *zip, uint8_t **pData, ZIP_CENTRAL_DIRECT
|| header.uncompressedSize != uncompressedSize || header.uncompressedSize != uncompressedSize
|| header.compression != entry->compression) { || header.compression != entry->compression) {
fprintf(stderr, "Local header does not match central directory entry\n"); fprintf(stderr, "Local header does not match central directory entry\n");
OPENSSL_free(header.fileName);
OPENSSL_free(header.extraField);
return 0; /* FAILED */ return 0; /* FAILED */
} }
/* we don't really need those */ /* we don't really need those */
@ -2144,6 +2153,7 @@ static int zipDeflate(uint8_t *dest, uint64_t *destLen, uint8_t *source, uLong s
err = deflateInit2(&stream, 8, Z_DEFLATED, -MAX_WBITS, 8, Z_DEFAULT_STRATEGY); err = deflateInit2(&stream, 8, Z_DEFLATED, -MAX_WBITS, 8, Z_DEFAULT_STRATEGY);
if (err != Z_OK) { if (err != Z_OK) {
deflateEnd(&stream);
return err; return err;
} }
stream.next_out = dest; stream.next_out = dest;