From fab0e59c70bfd8e39189ac29b17333d85d4645cb Mon Sep 17 00:00:00 2001 From: Hadriel Kaplan Date: Thu, 20 Aug 2015 14:38:35 -0400 Subject: Fix memory leaks of dumper SHB and IDB infos Change-Id: I6b81d3e853d503c6a81f9793957b48ab34c6808c Reviewed-on: https://code.wireshark.org/review/10156 Petri-Dish: Hadriel Kaplan Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman --- wiretap/file_access.c | 2 ++ wiretap/merge.c | 20 +++++++++++---- wiretap/nettrace_3gpp_32_423.c | 57 ++++++++++++++++++++++++------------------ wiretap/wtap.c | 48 +++++++++++++++++++++++++++++++++++ wiretap/wtap.h | 23 +++++++++++++++++ 5 files changed, 120 insertions(+), 30 deletions(-) (limited to 'wiretap') diff --git a/wiretap/file_access.c b/wiretap/file_access.c index 69604e2371..0ae80a99c9 100644 --- a/wiretap/file_access.c +++ b/wiretap/file_access.c @@ -2169,10 +2169,12 @@ wtap_dump_init_dumper(int file_type_subtype, int encap, int snaplen, gboolean co if ((idb_inf != NULL) && (idb_inf->interface_data->len > 0)) { guint itf_count; + /* XXX: what free's this stuff? */ wdh->interface_data = g_array_new(FALSE, FALSE, sizeof(wtapng_if_descr_t)); for (itf_count = 0; itf_count < idb_inf->interface_data->len; itf_count++) { file_int_data = &g_array_index(idb_inf->interface_data, wtapng_if_descr_t, itf_count); if ((encap != WTAP_ENCAP_PER_PACKET) && (encap != file_int_data->wtap_encap)) { + /* XXX: this does a shallow copy, not a true clone; e.g., comments are not duped */ memcpy(&descr, file_int_data, sizeof(wtapng_if_descr_t)); descr.wtap_encap = encap; descr.link_type = wtap_wtap_encap_to_pcap_encap(encap); diff --git a/wiretap/merge.c b/wiretap/merge.c index 9dbaf9231c..46eae0bce2 100644 --- a/wiretap/merge.c +++ b/wiretap/merge.c @@ -459,8 +459,8 @@ is_duplicate_idb(const wtapng_if_descr_t *idb1, const wtapng_if_descr_t *idb2) static gboolean all_idbs_are_duplicates(const merge_in_file_t *in_files, const guint in_file_count) { - const wtapng_iface_descriptions_t *first_idb_list = NULL; - const wtapng_iface_descriptions_t *other_idb_list = NULL; + wtapng_iface_descriptions_t *first_idb_list = NULL; + wtapng_iface_descriptions_t *other_idb_list = NULL; guint first_idb_list_size, other_idb_list_size; const wtapng_if_descr_t *first_file_idb, *other_file_idb; guint i, j; @@ -482,6 +482,8 @@ all_idbs_are_duplicates(const merge_in_file_t *in_files, const guint in_file_cou if (other_idb_list_size != first_idb_list_size) { merge_debug2("merge::all_idbs_are_duplicates: sizes of IDB lists don't match: first=%u, other=%u", first_idb_list_size, other_idb_list_size); + g_free(other_idb_list); + g_free(first_idb_list); return FALSE; } @@ -491,13 +493,18 @@ all_idbs_are_duplicates(const merge_in_file_t *in_files, const guint in_file_cou if (!is_duplicate_idb(first_file_idb, other_file_idb)) { merge_debug1("merge::all_idbs_are_duplicates: IDBs at index %d do not match, returning FALSE", j); + g_free(other_idb_list); + g_free(first_idb_list); return FALSE; } } + g_free(other_idb_list); } merge_debug0("merge::all_idbs_are_duplicates: returning TRUE"); + g_free(first_idb_list); + return TRUE; } @@ -847,6 +854,8 @@ merge_files(int out_fd, const gchar* out_filename, const int file_type, struct wtap_pkthdr *phdr, snap_phdr; int count = 0; gboolean stop_flag = FALSE; + wtapng_section_t *shb_hdr = NULL; + wtapng_iface_descriptions_t *idb_inf = NULL; g_assert(out_fd > 0); g_assert(in_file_count > 0); @@ -890,9 +899,6 @@ merge_files(int out_fd, const gchar* out_filename, const int file_type, /* prepare the outfile */ if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) { - wtapng_section_t *shb_hdr = NULL; - wtapng_iface_descriptions_t *idb_inf = NULL; - shb_hdr = create_shb_header(in_files, in_file_count, app_name); merge_debug0("merge_files: SHB created"); @@ -910,6 +916,8 @@ merge_files(int out_fd, const gchar* out_filename, const int file_type, if (pdh == NULL) { merge_close_in_files(in_file_count, in_files); g_free(in_files); + wtap_free_shb(shb_hdr); + wtap_free_idb_info(idb_inf); return MERGE_ERR_CANT_OPEN_OUTFILE; } @@ -1030,6 +1038,8 @@ merge_files(int out_fd, const gchar* out_filename, const int file_type, } g_free(in_files); + wtap_free_shb(shb_hdr); + wtap_free_idb_info(idb_inf); return status; } diff --git a/wiretap/nettrace_3gpp_32_423.c b/wiretap/nettrace_3gpp_32_423.c index b775455cb5..ae1e82d072 100644 --- a/wiretap/nettrace_3gpp_32_423.c +++ b/wiretap/nettrace_3gpp_32_423.c @@ -274,18 +274,18 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ int import_file_fd; wtap_dumper* wdh_exp_pdu; int exp_pdu_file_err; + wtap_open_return_val result = WTAP_OPEN_MINE; /* pcapng defs */ - wtapng_section_t *shb_hdr; - wtapng_iface_descriptions_t *idb_inf; + wtapng_section_t *shb_hdr = NULL; + wtapng_iface_descriptions_t *idb_inf = NULL; wtapng_if_descr_t int_data; GString *os_info_str; - char *appname; gint64 file_size; int packet_size; - guint8 *packet_buf; + guint8 *packet_buf = NULL; int wrt_err; - gchar *wrt_err_info; + gchar *wrt_err_info = NULL; struct wtap_pkthdr phdr; gboolean do_random = FALSE; @@ -298,8 +298,6 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ os_info_str = g_string_new(""); get_os_version_info(os_info_str); - appname = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info()); - shb_hdr = g_new(wtapng_section_t, 1); shb_hdr->section_length = -1; /* options */ @@ -318,7 +316,7 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ * UTF-8 string containing the name of the application used to create * this section. */ - shb_hdr->shb_user_appl = appname; + shb_hdr->shb_user_appl = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info()); /* Create fake IDB info */ idb_inf = g_new(wtapng_iface_descriptions_t, 1); @@ -347,16 +345,16 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ wdh_exp_pdu = wtap_dump_fdopen_ng(import_file_fd, WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE, FALSE, shb_hdr, idb_inf, NULL, &exp_pdu_file_err); if (wdh_exp_pdu == NULL) { - return WTAP_OPEN_ERROR; + result = WTAP_OPEN_ERROR; + goto end; } - g_free(shb_hdr); - g_free(appname); - /* OK we've opend a new pcap-ng file and written the headers, time to do the packets, strt by finding the file size */ - if ((file_size = wtap_file_size(wth, err)) == -1) - return WTAP_OPEN_ERROR; + if ((file_size = wtap_file_size(wth, err)) == -1) { + result = WTAP_OPEN_ERROR; + goto end; + } if (file_size > MAX_FILE_SIZE) { /* @@ -366,7 +364,8 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ *err = WTAP_ERR_BAD_FILE; *err_info = g_strdup_printf("mime_file: File has %" G_GINT64_MODIFIER "d-byte packet, bigger than maximum of %u", file_size, MAX_FILE_SIZE); - return WTAP_OPEN_ERROR; + result = WTAP_OPEN_ERROR; + goto end; } packet_size = (int)file_size; /* Allocate the packet buffer @@ -393,7 +392,8 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ if (!wtap_read_bytes(wth->fh, packet_buf + 12, packet_size, &wrt_err, &wrt_err_info)){ - return WTAP_OPEN_ERROR; + result = WTAP_OPEN_ERROR; + goto end; } /* Create the packet header */ @@ -413,13 +413,14 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ case WTAP_ERR_UNWRITABLE_REC_DATA: g_free(wrt_err_info); + wrt_err_info = NULL; break; default: break; } - g_free(packet_buf); - return WTAP_OPEN_ERROR; + result = WTAP_OPEN_ERROR; + goto end; } /* Advance *packet_buf to point at the raw file data */ @@ -446,19 +447,18 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ /* Add the raw msg*/ temp_val = write_packet_data(wdh_exp_pdu, &phdr, &wrt_err, &wrt_err_info, curr_pos); if (temp_val != WTAP_OPEN_MINE){ - g_free(packet_buf); - return temp_val; + result = temp_val; + goto end; } curr_pos = next_pos; } /* Close the written file*/ if (!wtap_dump_close(wdh_exp_pdu, err)){ - g_free(packet_buf); - return WTAP_OPEN_ERROR; + result = WTAP_OPEN_ERROR; + goto end; } - g_free(packet_buf); /* Now open the file for reading */ /* Find out if random read was requested */ @@ -469,10 +469,17 @@ create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_ wtap_open_offline(file_info->tmpname, WTAP_TYPE_AUTO, err, err_info, do_random); if (!file_info->wth_tmp_file){ - return WTAP_OPEN_ERROR; + result = WTAP_OPEN_ERROR; + goto end; } - return WTAP_OPEN_MINE; +end: + g_free(wrt_err_info); + g_free(packet_buf); + wtap_free_shb(shb_hdr); + wtap_free_idb_info(idb_inf); + + return result; } wtap_open_return_val diff --git a/wiretap/wtap.c b/wiretap/wtap.c index 2837b69852..f984bfce4d 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c @@ -263,6 +263,54 @@ wtap_file_get_idb_info(wtap *wth) return idb_info; } +static void +wtap_free_isb_members(wtapng_if_stats_t *isb) +{ + if (isb) { + g_free(isb->opt_comment); + } +} + +static void +wtap_free_idb_members(wtapng_if_descr_t* idb) +{ + if (idb) { + g_free(idb->opt_comment); + g_free(idb->if_os); + g_free(idb->if_name); + g_free(idb->if_description); + g_free(idb->if_filter_str); + g_free(idb->if_filter_bpf_bytes); + if (idb->interface_statistics) { + wtapng_if_stats_t *isb; + guint i; + for (i = 0; i < idb->interface_statistics->len; i++) { + isb = &g_array_index(idb->interface_statistics, wtapng_if_stats_t, i); + wtap_free_isb_members(isb); + } + g_array_free(idb->interface_statistics, TRUE); + } + } +} + +void +wtap_free_idb_info(wtapng_iface_descriptions_t *idb_info) +{ + if (idb_info == NULL) + return; + + if (idb_info->interface_data) { + guint i; + for (i = 0; i < idb_info->interface_data->len; i++) { + wtapng_if_descr_t* idb = &g_array_index(idb_info->interface_data, wtapng_if_descr_t, i); + wtap_free_idb_members(idb); + } + g_array_free(idb_info->interface_data, TRUE); + } + + g_free(idb_info); +} + gchar * wtap_get_debug_if_descr(const wtapng_if_descr_t *if_descr, const int indent, diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 4c53b8706c..8de0c30898 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1735,6 +1735,21 @@ void wtap_write_shb_comment(wtap *wth, gchar *comment); WS_DLL_PUBLIC wtapng_iface_descriptions_t *wtap_file_get_idb_info(wtap *wth); +/** + * @brief Free's a interface description block and all of its members. + * + * @details This free's all of the interface descriptions inside the passed-in + * struct, including their members (e.g., comments); and then free's the + * passed-in struct as well. + * + * @warning Do not use this for the struct returned by + * wtap_file_get_idb_info(), as that one did not create the internal + * interface descriptions; for that case you can simply g_free() the new + * struct. + */ +WS_DLL_PUBLIC +void wtap_free_idb_info(wtapng_iface_descriptions_t *idb_info); + /** * @brief Gets a debug string of an interface description. * @details Returns a newly allocated string of debug information about @@ -1847,6 +1862,10 @@ wtap_dumper* wtap_dump_open(const char *filename, int file_type_subtype, int enc /** * @brief Opens a new capture file for writing. * + * @note The shb_hdr, idb_inf, and nrb_hdr arguments will be used until + * wtap_dump_close() is called, but will not be free'd by the dumper. If + * you created them, you must free them yourself after wtap_dump_close(). + * * @param filename The new file's name. * @param file_type_subtype The WTAP_FILE_TYPE_SUBTYPE_XXX file type. * @param encap The WTAP_ENCAP_XXX encapsulation type (WTAP_ENCAP_PER_PACKET for multi) @@ -1870,6 +1889,10 @@ wtap_dumper* wtap_dump_fdopen(int fd, int file_type_subtype, int encap, int snap /** * @brief Creates a dumper for an existing file descriptor. * + * @note The shb_hdr, idb_inf, and nrb_hdr arguments will be used until + * wtap_dump_close() is called, but will not be free'd by the dumper. If + * you created them, you must free them yourself after wtap_dump_close(). + * * @param file_type_subtype The WTAP_FILE_TYPE_SUBTYPE_XXX file type. * @param encap The WTAP_ENCAP_XXX encapsulation type (WTAP_ENCAP_PER_PACKET for multi) * @param snaplen The maximum packet capture length. -- cgit v1.2.3