Merge pull request #2250 from nvx/linter_fixes

Fix some missing frees, null dereferences and missing initialisation picked up by clang-analyzer
RfidResearchGroup · Jan 15, 2024 · db45aff · db45aff
2 parents 5db2276 + d2d6f80
commit db45aff
Show file tree

Hide file tree

Showing 11 changed files with 24 additions and 15 deletions.
diff --git a/client/deps/hardnested/hardnested_bruteforce.c b/client/deps/hardnested/hardnested_bruteforce.c
@@ -493,6 +493,8 @@ float brute_force_benchmark(void) {
 
     if (!read_bench_data(test_candidates)) {
         PrintAndLogEx(NORMAL, "Couldn't read benchmark data. Assuming brute force rate of %1.0f states per second", DEFAULT_BRUTE_FORCE_RATE);
+        free(test_candidates[0].states[ODD_STATE]);
+        free(test_candidates[0].states[EVEN_STATE]);
         return DEFAULT_BRUTE_FORCE_RATE;
     }
 
@@ -515,5 +517,3 @@ float brute_force_benchmark(void) {
     test_candidates[0].len[EVEN_STATE] = 0;
     return bf_rate;
 }
-
-
diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c
@@ -832,7 +832,7 @@ int CmdHF14ASim(const char *Cmd) {
 
     clearCommandBuffer();
     SendCommandNG(CMD_HF_ISO14443A_SIMULATE, (uint8_t *)&payload, sizeof(payload));
-    PacketResponseNG resp;
+    PacketResponseNG resp = {0};
 
     sector_t *k_sector = NULL;
     size_t k_sectors_cnt = MIFARE_4K_MAXSECTOR;

diff --git a/client/src/cmdhf15.c b/client/src/cmdhf15.c
@@ -968,6 +968,7 @@ static int CmdHF15Info(const char *Cmd) {
     if (scan) {
         if (getUID(true, false, uid) != PM3_SUCCESS) {
             PrintAndLogEx(WARNING, "no tag found");
+            free(packet);
             return PM3_EINVARG;
         }
         uidlen = HF15_UID_LENGTH;
@@ -1625,6 +1626,7 @@ static int CmdHF15WriteDsfid(const char *Cmd) {
         if (scan) {
             if (getUID(verbose, false, uid) != PM3_SUCCESS) {
                 PrintAndLogEx(WARNING, "no tag found");
+                free(packet);
                 return PM3_EINVARG;
             }
             uidlen = HF15_UID_LENGTH;
@@ -1743,6 +1745,7 @@ static int CmdHF15Dump(const char *Cmd) {
         // default fallback to scan for tag. Overriding unaddress parameter
         if (scan) {
             if (getUID(verbose, false, uid) != PM3_SUCCESS) {
+                free(packet);
                 PrintAndLogEx(WARNING, "no tag found");
                 return PM3_EINVARG;
             }
@@ -2098,6 +2101,7 @@ static int CmdHF15Readmulti(const char *Cmd) {
     if (unaddressed == false) {
         if (scan) {
             if (getUID(verbose, false, uid) != PM3_SUCCESS) {
+                free(packet);
                 PrintAndLogEx(WARNING, "no tag found");
                 return PM3_EINVARG;
             }
@@ -2250,6 +2254,7 @@ static int CmdHF15Readblock(const char *Cmd) {
         // default fallback to scan for tag. Overriding unaddress parameter
         if (scan) {
             if (getUID(verbose, false, uid) != PM3_SUCCESS) {
+                free(packet);
                 PrintAndLogEx(WARNING, "no tag found");
                 return PM3_EINVARG;
             }

diff --git a/client/src/cmdhfcryptorf.c b/client/src/cmdhfcryptorf.c
@@ -281,12 +281,12 @@ static int CmdHFCryptoRFDump(const char *Cmd) {
     bool m512 = arg_get_lit(ctx, 3);
     CLIParserFree(ctx);
 
-    if (m512 + m64 > 1) {
+    if (m512 + m64 != 1) {
         PrintAndLogEx(INFO, "Select only one card memory size");
         return PM3_EINVARG;
     }
 
-    uint16_t cardsize = 0;
+    uint16_t cardsize;
     uint8_t blocks = 0;
     if (m64) {
         cardsize = (512 / 8) + 4;
@@ -550,4 +550,3 @@ int CmdHFCryptoRF(const char *Cmd) {
     clearCommandBuffer();
     return CmdsParse(CommandTable, Cmd);
 }
-
diff --git a/client/src/cmdhfemrtd.c b/client/src/cmdhfemrtd.c
@@ -2043,6 +2043,7 @@ int infoHF_EMRTD_offline(const char *path) {
 
     // coverity scan CID 395630,
     if (data == NULL) {
+        free(filepath);
         return PM3_ESOFT;
     }
 

diff --git a/client/src/cmdlf.c b/client/src/cmdlf.c
@@ -292,6 +292,7 @@ int CmdLFCommandRead(const char *Cmd) {
     payload.samples = samples;
     payload.keep_field_on = keep_field_on;
     payload.verbose = verbose;
+    memset(payload.symbol_extra, 0, sizeof(payload.symbol_extra));
 
     if (add_crc_ht && (cmd_len <= 120)) {
         // Hitag 1, Hitag S, ZX8211
@@ -734,6 +735,7 @@ static int lf_read_internal(bool realtime, bool verbose, uint64_t samples) {
         int result = set_fpga_mode(FPGA_BITSTREAM_LF);
         if (result != PM3_SUCCESS) {
             PrintAndLogEx(FAILED, "failed to load LF bitstream to FPGA");
+            free(realtimeBuf);
             return result;
         }
 
@@ -860,6 +862,7 @@ int lf_sniff(bool realtime, bool verbose, uint64_t samples) {
         int result = set_fpga_mode(FPGA_BITSTREAM_LF);
         if (result != PM3_SUCCESS) {
             PrintAndLogEx(FAILED, "failed to load LF bitstream to FPGA");
+            free(realtimeBuf);
             return result;
         }
 

diff --git a/client/src/cmdlft55xx.c b/client/src/cmdlft55xx.c
@@ -1853,7 +1853,7 @@ static int CmdT55xxReadTrace(const char *Cmd) {
         ct = localtime_r(&now, &tm_buf);
 #endif
 
-        if (data.year > ct->tm_year - 110)
+        if (ct != NULL && (data.year > ct->tm_year - 110))
             data.year += 2000;
         else
             data.year += 2010;
@@ -4419,4 +4419,3 @@ int CmdLFT55XX(const char *Cmd) {
     clearCommandBuffer();
     return CmdsParse(CommandTable, Cmd);
 }
-
diff --git a/client/src/cmdsmartcard.c b/client/src/cmdsmartcard.c
@@ -1091,13 +1091,15 @@ static int CmdSmartBruteforceSFI(const char *Cmd) {
         if (json_is_object(data) == false) {
             PrintAndLogEx(ERR, "\ndata %d is not an object\n", i + 1);
             json_decref(root);
+            free(buf);
             return PM3_ESOFT;
         }
 
         jaid = json_object_get(data, "AID");
         if (json_is_string(jaid) == false) {
             PrintAndLogEx(ERR, "\nAID data [%d] is not a string", i + 1);
             json_decref(root);
+            free(buf);
             return PM3_ESOFT;
         }
 
@@ -1459,5 +1461,3 @@ bool smart_select(bool verbose, smart_card_atr_t *atr) {
 
     return true;
 }
-
-
diff --git a/client/src/scripting.c b/client/src/scripting.c
@@ -1333,11 +1333,12 @@ static int l_cwd(lua_State *L) {
     while (GetCurrentDir(cwd, path_len) == NULL) {
         if (errno == ERANGE) {  // Need bigger buffer
             path_len += 10;      // if buffer was too small add 10 characters and try again
-            cwd = realloc(cwd, path_len);
-            if (cwd == NULL) {
+            char* cwdNew = realloc(cwd, path_len);
+            if (cwdNew == NULL) {
                 free(cwd);
                 return returnToLuaWithError(L, "Failed to allocate memory");
             }
+            cwd = cwdNew;
         } else {
             free(cwd);
             return returnToLuaWithError(L, "Failed to get current working directory");

diff --git a/client/src/uart/uart_win32.c b/client/src/uart/uart_win32.c
@@ -85,13 +85,14 @@ static int uart_reconfigure_timeouts_polling(serial_port sp) {
 serial_port uart_open(const char *pcPortName, uint32_t speed, bool slient) {
     char acPortName[255] = {0};
     serial_port_windows_t *sp = calloc(sizeof(serial_port_windows_t), sizeof(uint8_t));
-    sp->hSocket = INVALID_SOCKET; // default: serial port
 
     if (sp == 0) {
         PrintAndLogEx(WARNING, "UART failed to allocate memory\n");
         return INVALID_SERIAL_PORT;
     }
 
+    sp->hSocket = INVALID_SOCKET; // default: serial port
+
     sp->udpBuffer = NULL;
     rx_empty_counter = 0;
     g_conn.send_via_local_ip = false;

diff --git a/client/src/ui.c b/client/src/ui.c
@@ -119,7 +119,7 @@ int searchHomeFilePath(char **foundpath, const char *subdir, const char *filenam
         pathlen += strlen(subdir);
         char *tmp = realloc(path, pathlen * sizeof(char));
         if (tmp == NULL) {
-            //free(path);
+            free(path);
             return PM3_EMALLOC;
         }
         path = tmp;
@@ -156,7 +156,7 @@ int searchHomeFilePath(char **foundpath, const char *subdir, const char *filenam
     pathlen += strlen(filename);
     char *tmp = realloc(path, pathlen * sizeof(char));
     if (tmp == NULL) {
-        //free(path);
+        free(path);
         return PM3_EMALLOC;
     }