Fix strdup on nullptr in rz_core_bin_apply_strings

rizinorg · Aug 17, 2022 · e5ad689 · e5ad689
1 parent 05bbd14
commit e5ad689
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 12 deletions.
diff --git a/librz/bin/bobj.c b/librz/bin/bobj.c
@@ -454,7 +454,6 @@ RZ_API int rz_bin_object_set_items(RzBinFile *bf, RzBinObject *o) {
 	if (p->symbols) {
 		o->symbols = p->symbols(bf);
 		if (o->symbols) {
-			rz_warn_if_fail(o->symbols->free);
 			REBASE_PADDR(o, o->symbols, RzBinSymbol);
 			if (bin->filter) {
 				rz_bin_filter_symbols(bf, o->symbols);

diff --git a/librz/bin/format/luac/luac_bin.c b/librz/bin/format/luac/luac_bin.c
@@ -5,7 +5,8 @@
 
 void luac_add_section(RzList *section_list, char *name, ut64 offset, ut32 size, bool is_func) {
 	RzBinSection *bin_sec = RZ_NEW0(RzBinSection);
-	if (!bin_sec) {
+	if (!bin_sec || !name) {
+		free(bin_sec);
 		return;
 	}
 
@@ -16,15 +17,17 @@ void luac_add_section(RzList *section_list, char *name, ut64 offset, ut32 size,
 	bin_sec->bits = is_func ? sizeof(LUA_INSTRUCTION) * 8 : 8;
 	// bin_sec->has_strings = !is_func;
 	bin_sec->has_strings = false;
-	bin_sec->arch = rz_str_new("luac");
+	bin_sec->arch = "luac";
 
 	if (is_func) {
 		bin_sec->perm = RZ_PERM_R | RZ_PERM_X;
 	} else {
 		bin_sec->perm = RZ_PERM_R;
 	}
 
-	rz_list_append(section_list, bin_sec);
+	if (!rz_list_append(section_list, bin_sec)) {
+		rz_bin_section_free(bin_sec);
+	}
 }
 
 void luac_add_symbol(RzList *symbol_list, char *name, ut64 offset, ut64 size, const char *type) {

diff --git a/librz/bin/p/bin_luac.c b/librz/bin/p/bin_luac.c
@@ -17,25 +17,27 @@ static bool check_buffer(RzBuffer *buff) {
 }
 
 static bool load_buffer(RzBinFile *bf, RzBinObject *obj, RzBuffer *buf, Sdb *sdb) {
-	ut8 MAJOR_MINOR_VERSION;
+	ut8 major_minor_version;
 	LuacBinInfo *bin_info_obj = NULL;
 	LuaProto *proto = NULL;
 	RzBinInfo *general_info = NULL;
 	st32 major;
 	st32 minor;
 
-	rz_buf_read_at(buf, LUAC_VERSION_OFFSET, &MAJOR_MINOR_VERSION, sizeof(MAJOR_MINOR_VERSION)); /* 1-byte in fact */
-	if ((bin_info_obj = RZ_NEW(LuacBinInfo)) == NULL) {
-		return false;
-	}
-	major = (MAJOR_MINOR_VERSION & 0xF0) >> 4;
-	minor = (MAJOR_MINOR_VERSION & 0x0F);
+	rz_buf_read_at(buf, LUAC_VERSION_OFFSET, &major_minor_version, sizeof(major_minor_version)); /* 1-byte in fact */
+	major = (major_minor_version & 0xF0) >> 4;
+	minor = (major_minor_version & 0x0F);
 
 	if (major != 5) {
 		RZ_LOG_ERROR("currently support lua 5.x only\n");
 		return false;
 	}
 
+	bin_info_obj = RZ_NEW(LuacBinInfo);
+	if (!bin_info_obj) {
+		return false;
+	}
+
 	switch (minor) {
 	case 4:
 		proto = lua_parse_body_54(buf, 0x20, bf->size);
@@ -47,13 +49,15 @@ static bool load_buffer(RzBinFile *bf, RzBinObject *obj, RzBuffer *buf, Sdb *sdb
 		break;
 	default:
 		RZ_LOG_ERROR("lua 5.%c not support now\n", minor + '0');
+		free(bin_info_obj);
 		return false;
 	}
 
 	bin_info_obj = luac_build_info(proto);
 	if (bin_info_obj == NULL) {
 		lua_free_proto_entry(proto);
 		rz_bin_info_free(general_info);
+		free(bin_info_obj);
 		return false;
 	}
 	bin_info_obj->general_info = general_info;

diff --git a/librz/core/cbin.c b/librz/core/cbin.c
@@ -555,7 +555,7 @@ RZ_API bool rz_core_bin_apply_strings(RzCore *r, RzBinFile *binfile) {
 			break;
 		}
 		rz_meta_set_with_subtype(r->analysis, RZ_META_TYPE_STRING, string->type, vaddr, string->size, string->string);
-		char *f_name = strdup(string->string);
+		char *f_name = rz_str_new(string->string);
 		rz_name_filter(f_name, -1, true);
 		char *str;
 		if (r->bin->prefix) {