generic-library/libupnp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Backport of svn 403: Bob Ciora's patch for "UpnpCreatePropertySet can leak memory".

Browse Source 
git-svn-id: https://pupnp.svn.sourceforge.net/svnroot/pupnp/branches/branch-1.6.x@466 119443c7-1b9e-41f8-b6fc-b9c35fce742c
This commit is contained in:
Marcelo Roberto Jimenez
2008-07-25 03:42:30 +00:00
parent ffc4668e0b
commit a772b1a754
2 changed files with 61 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
ChangeLog
View File

@@ -29,6 +29,30 @@ Version 1.6.7
CONTENT-TYPE header line size, the length was beeing calculated with CONTENT-TYPE header line size, the length was beeing calculated with
the wrong string, there was a missing colon. the wrong string, there was a missing colon.
2008-06-02 Marcelo Jimenez <mroberto(at)users.sourceforge.net>
* SF Bug Tracker [ 1942285 ]
UpnpCreatePropertySet can leak memory.
Submitted By: Bob Ciora - bobciora
In file upnp/src/api/upnptools.c, function UpnpCreatePropertySet can leak
memory if no additional arguments are passed. This is because of the
'return' statement at (or near) line 554.
The prior call to ixmlParseBufferEx may succeed. This causes a basic ixml
tree to be created. The return statement at line 554 leaves this tree in
memory without cleaning it up.
There are two options: either add code prior to the return at 554 to clean
up the tree, or simply allow a NumArg parameter of 0 to be passed.
I prefer the second method -- there doesn't seem to be any need to pass
*any* arguments to this function.
In my local copy of upnptools.c, I have simply replaced the "return NULL"
in line 554 to "return PropSet".
I've attached the source file.
2008-05-26 Marcelo Jimenez <mroberto(at)users.sourceforge.net> 2008-05-26 Marcelo Jimenez <mroberto(at)users.sourceforge.net>
* SF Bug Tracker [ 1903069 ] * SF Bug Tracker [ 1903069 ]
Subs (not services) not marked 'active' Subs (not services) not marked 'active'

69
upnp/src/api/upnptools.c
View File

@@ -1,36 +1,41 @@
/////////////////////////////////////////////////////////////////////////// /*******************************************************************************
// *
// Copyright (c) 2000-2003 Intel Corporation * Copyright (c) 2000-2003 Intel Corporation
// All rights reserved. * All rights reserved.
// *
// Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met: * modification, are permitted provided that the following conditions are met:
// *
// * Redistributions of source code must retain the above copyright notice, * * Redistributions of source code must retain the above copyright notice,
// this list of conditions and the following disclaimer. * this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above copyright notice, * * Redistributions in binary form must reproduce the above copyright notice,
// this list of conditions and the following disclaimer in the documentation * this list of conditions and the following disclaimer in the documentation
// and/or other materials provided with the distribution. * and/or other materials provided with the distribution.
// * Neither name of Intel Corporation nor the names of its contributors * * Neither name of Intel Corporation nor the names of its contributors
// may be used to endorse or promote products derived from this software * may be used to endorse or promote products derived from this software
// without specific prior written permission. * without specific prior written permission.
// *
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL OR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL OR
// CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
// EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
// OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// *
/////////////////////////////////////////////////////////////////////////// ******************************************************************************/
#include "config.h" #include "config.h"
#if EXCLUDE_DOM == 0 #if EXCLUDE_DOM == 0
#include <stdarg.h> #include <stdarg.h>
#include "upnptools.h" #include "upnptools.h"
#include "uri.h" #include "uri.h"
@@ -550,8 +555,8 @@ UpnpCreatePropertySet( IN int NumArg,
return NULL; return NULL;
} }
if( NumArg < 1 ) { if (NumArg < 1) {
return NULL; return PropSet;
} }
va_start( ArgList, Arg ); va_start( ArgList, Arg );