[ros-diffs] [pschweitzer] 63021: [RAPPS] - Fix memory leaks - Fix null-pointer dereference - Fix user-after-free CID #1206908 CID #1206915 CID #1206921 CID #1207022

27 Apr 2014

Author: pschweitzer
Date: Sun Apr 27 18:29:06 2014
New Revision: 63021

URL: http://svn.reactos.org/svn/reactos?rev=63021&view=rev
Log:
[RAPPS]
- Fix memory leaks
- Fix null-pointer dereference
- Fix user-after-free

CID #1206908
CID #1206915
CID #1206921
CID #1207022

Modified:
    trunk/reactos/base/applications/rapps/available.c
    trunk/reactos/base/applications/rapps/loaddlg.c

Modified: trunk/reactos/base/applications/rapps/available.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/base/applications/rapps/av…
==============================================================================

--- trunk/reactos/base/applications/rapps/available.c	[iso-8859-1] (original)
+++ trunk/reactos/base/applications/rapps/available.c	[iso-8859-1] Sun Apr 27 18:29:06
2014
@@ -179,12 +179,16 @@
     if (!GetLocaleInfoW(GetUserDefaultLCID(), LOCALE_ILANGUAGE,
                         szLocale, sizeof(szLocale) / sizeof(WCHAR)))
     {
+        FindClose(hFind);
         return FALSE;
     }
 
     hr = StringCbCatW(szSectionLocale, sizeof(szSectionLocale), szLocale);
     if (FAILED(hr))
-        return FALSE;
+    {
+        FindClose(hFind);
+        return FALSE;
+    }
 
 #define GET_STRING1(a, b)  \
     if (!ParserGetString(szSectionLocale, a, b, MAX_PATH, FindFileData.cFileName)) \

Modified: trunk/reactos/base/applications/rapps/loaddlg.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/base/applications/rapps/lo…
==============================================================================
--- trunk/reactos/base/applications/rapps/loaddlg.c	[iso-8859-1] (original)
+++ trunk/reactos/base/applications/rapps/loaddlg.c	[iso-8859-1] Sun Apr 27 18:29:06 2014
@@ -205,7 +205,7 @@
 DWORD WINAPI
 ThreadFunc(LPVOID Context)
 {
-    IBindStatusCallback *dl;
+    IBindStatusCallback *dl = NULL;
     WCHAR path[MAX_PATH];
     LPWSTR p;
     HWND Dlg = (HWND) Context;
@@ -262,6 +262,7 @@
     /* download it */
     bTempfile = TRUE;
     dl = CreateDl(Context, &bCancelled);
+    if (dl == NULL) goto end;
 
     hOpen = InternetOpenW(lpszAgent, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, 0);
     if (!hOpen) goto end;
@@ -282,9 +283,7 @@
         IBindStatusCallback_OnProgress(dl, dwCurrentBytesRead, dwContentLen, 0,
AppInfo->szUrlDownload);
     }
     while (dwBytesRead);
-    
-    CloseHandle(hOut);
-    if (dl) IBindStatusCallback_Release(dl);
+
     if (bCancelled) goto end;
 
     ShowWindow(Dlg, SW_HIDE);
@@ -298,6 +297,8 @@
     CloseHandle(hOut);
     InternetCloseHandle(hFile);
     InternetCloseHandle(hOpen);
+
+    if (dl) IBindStatusCallback_Release(dl);
 
     if (bTempfile)
     {



    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[ros-diffs] [pschweitzer] 63021: [RAPPS] - Fix memory leaks - Fix null-pointer dereference - Fix user-after-free CID #1206908 CID #1206915 CID #1206921 CID #1207022