From 6ab2ed787e886fd87ba81e7ec510588da3c0e216 Mon Sep 17 00:00:00 2001
From: Iain Patterson
Date: Thu, 21 Jul 2016 17:09:32 +0100
Subject: [PATCH] Don't leak memory in get_service_dependencies(). Ensure we free qsc when there are no dependencies. Ensure we free qsc when we couldn't allocate a buffer. Free the buffer and zero its pointer's size when there are no dependencies.
---
 service.cpp | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/service.cpp b/service.cpp
index 79c2f56..91435db 100644
--- a/service.cpp
+++ b/service.cpp
@@ -562,8 +562,10 @@ int get_service_dependencies(const TCHAR *service_name, SC_HANDLE service_handle
 QUERY_SERVICE_CONFIG *qsc = query_service_config(service_name, service_handle);
 if (! qsc) return 3;
- if (! qsc->lpDependencies) return 0;
- if (! qsc->lpDependencies[0]) return 0;
+ if (! qsc->lpDependencies || ! qsc->lpDependencies[0]) {
+ HeapFree(GetProcessHeap(), 0, qsc);
+ return 0;
+ }
 /* lpDependencies is doubly NULL terminated. */
 while (qsc->lpDependencies[*bufsize]) {
@@ -577,6 +579,7 @@ int get_service_dependencies(const TCHAR *service_name, SC_HANDLE service_handle
 if (! *buffer) {
 *bufsize = 0;
 print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("lpDependencies"), _T("get_service_dependencies()"));
+ HeapFree(GetProcessHeap(), 0, qsc);
 return 4;
 }
@@ -601,6 +604,12 @@ int get_service_dependencies(const TCHAR *service_name, SC_HANDLE service_handle
 HeapFree(GetProcessHeap(), 0, qsc);
+ if (! *buffer[0]) {
+ HeapFree(GetProcessHeap(), 0, *buffer);
+ *buffer = 0;
+ *bufsize = 0;
+ }
+
 return 0;
 }
-- 
2.20.1
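Review bot: The merged early return in the first hunk (-562,8) hands back 0 without assigning `*buffer`, whereas the block this commit adds ahead of the final `return 0;` sets `*buffer = 0` and `*bufsize = 0` for what looks like the same "no dependencies" outcome. `*bufsize` is presumably already zero at this point, since the `while` loop just below indexes from it, but the start of `get_service_dependencies()` is outside the hunk and nothing visible clears `*buffer`. If it is not zeroed on entry, a caller that releases `*buffer` after a 0 return would be passing an indeterminate pointer to the heap; adding `*buffer = 0;` before `HeapFree(GetProcessHeap(), 0, qsc);` in this branch makes both success exits leave the out-parameters in the same state.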
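Review bot: With the line added in the second hunk (-577,6), `qsc` is released by hand at three separate exits: the early return in the first hunk, this out-of-memory return, and the existing call before the final return. Nothing at the `query_service_config()` call states that the result is owned by this function, so the next `return` someone adds can reintroduce the leak this commit fixes. I would document the ownership where the pointer is obtained, e.g. `/* qsc is ours to release: every return below must HeapFree() it. */`. The function body continues outside the hunk on both sides, so any return between this hunk and the final one should be checked for the same omission.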
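Review bot: `! *buffer[0]` in the block added by the third hunk (-601,6) parses as `*(buffer[0])`, not `(*buffer)[0]`; the two name the same element only because the index is 0. Writing it as `if (! (*buffer)[0]) {` states the intent (presumably "the copied list starts with its terminator") and stays correct if the index ever changes. The check dereferences `*buffer` unconditionally, which relies on the allocation-failure return in the previous hunk; the code between the two hunks is not visible, so it is worth confirming that no other path reaches this point with `*buffer` null. A one-line comment saying when the copied list can be empty although `lpDependencies[0]` was not would also help the reader.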