Commit 3ffaab0c authored by anonymous's avatar anonymous
Browse files

Check memory allocations

parent befe2eac
......@@ -53,6 +53,10 @@ int file_mkpath(const char *path)
char *dir = str_dup(path);
char *end = dir;
if (!dir) {
return -1;
}
while (*end == '/')
end++;
......@@ -82,7 +86,11 @@ char *file_get_cache_dir(void)
char *cache = file_get_cache_home();
char *dir;
dir = str_printf("%s/%s", cache ? cache : "/tmp/", BDPLUS_DIR);
if (!cache) {
return NULL;
}
dir = str_printf("%s/%s", cache, BDPLUS_DIR);
X_FREE(cache);
file_mkpath(dir);
......@@ -92,7 +100,13 @@ char *file_get_cache_dir(void)
static char *_probe_config_dir(const char *base, const char *vm, const char *file)
{
char *dir = str_printf("%s/%s/%s/%s", base, BDPLUS_DIR, vm, file);
FILE *fp = fopen(dir, "r");
FILE *fp;
if (!dir) {
return NULL;
}
fp = fopen(dir, "r");
if (fp) {
fclose(fp);
......@@ -120,6 +134,9 @@ char *file_get_config_dir(const char *file)
/* try home directory */
config_home = file_get_config_home();
if (!config_home) {
return NULL;
}
dir = _probe_config_dir(config_home, vm, file);
X_FREE(config_home);
if (dir) {
......@@ -176,6 +193,10 @@ char *file_load(const char *path, uint32_t *p_size)
char *mem;
FILE *fp;
if (!path) {
return NULL;
}
fp = fopen(path, "rb");
if (!fp) {
......
......@@ -27,6 +27,7 @@
#include "util/macro.h"
#include "util/strutl.h"
#include "util/logging.h"
#include <stdio.h>
#include <stdlib.h>
......@@ -63,6 +64,11 @@ BDPLUS_FILE_H *file_open_default(void *handle, const char* file_name)
FILE *fp;
file_path = str_printf("%s"DIR_SEP"%s", device_root, file_name);
if (!file_path) {
BD_DEBUG(DBG_CRIT, "out of memory\n");
return NULL;
}
fp = fopen(file_path, "rb");
X_FREE(file_path);
......
......@@ -92,25 +92,31 @@ int32_t bdplus_get_code_date(bdplus_t *plus)
static char *_slots_file(void)
{
char *base = file_get_cache_dir();
char *result;
result = str_printf("%s/slots.bin", base ? base : "/tmp/");
X_FREE(base);
char *result = NULL;
if (base) {
result = str_printf("%s/slots.bin", base);
X_FREE(base);
}
return result;
}
static void _load_slots(bdplus_t *plus)
{
char *file_name = _slots_file();
bdplus_load_slots(plus, file_name);
X_FREE(file_name);
if (file_name) {
bdplus_load_slots(plus, file_name);
X_FREE(file_name);
}
}
static void _save_slots(bdplus_t *plus)
{
char *file_name = _slots_file();
file_mkpath(file_name);
bdplus_save_slots(plus, file_name);
X_FREE(file_name);
if (file_name) {
file_mkpath(file_name);
bdplus_save_slots(plus, file_name);
X_FREE(file_name);
}
}
bdplus_t *bdplus_init(const char *path, const char *config_path, const uint8_t *vid)
......@@ -150,14 +156,22 @@ bdplus_t *bdplus_init(const char *path, const char *config_path, const uint8_t *
plus->attachedStatus[1] = 7;
if (path) {
plus->device_path = (char*)malloc(strlen(path) + 1);
strcpy(plus->device_path, path);
plus->device_path = str_dup(path);
if (!plus->device_path) {
BD_DEBUG(DBG_BDPLUS | DBG_CRIT, "out of memory\n");
bdplus_free(plus);
return NULL;
}
plus->config->fopen_handle = plus->device_path;
plus->config->fopen = file_open_default;
}
plus->mutex = calloc(1, sizeof(BD_MUTEX));
if (!plus->mutex) {
BD_DEBUG(DBG_BDPLUS | DBG_CRIT, "out of memory\n");
bdplus_free(plus);
return NULL;
}
bd_mutex_init(plus->mutex);
if (plus->config->fopen) {
......@@ -224,7 +238,9 @@ void bdplus_free(bdplus_t *plus)
return;
}
bd_mutex_lock(plus->mutex);
if (plus->mutex) {
bd_mutex_lock(plus->mutex);
}
if (plus->started) {
bdplus_run_shutdown(plus);
......@@ -238,8 +254,11 @@ void bdplus_free(bdplus_t *plus)
if (plus->conv_tab) {
char *file = bdplus_disc_cache_file(plus, "convtab.bin");
FILE *fp = fopen(file, "wb");
X_FREE(file);
FILE *fp = NULL;
if (file) {
fp = fopen(file, "wb");
X_FREE(file);
}
if (fp) {
segment_save(plus->conv_tab, fp);
fclose(fp);
......@@ -251,9 +270,11 @@ void bdplus_free(bdplus_t *plus)
bdplus_config_free(&plus->config);
bd_mutex_unlock(plus->mutex);
bd_mutex_destroy(plus->mutex);
X_FREE(plus->mutex);
if (plus->mutex) {
bd_mutex_unlock(plus->mutex);
bd_mutex_destroy(plus->mutex);
X_FREE(plus->mutex);
}
X_FREE(plus);
}
......
......@@ -45,6 +45,10 @@ static int _load_aes_keys(bdplus_aes_key_t *aes_keys, const char *base)
uint32_t size = 0;
uint32_t num_keys, ii;
if (!path) {
return -1;
}
keys = (uint8_t *)file_load(path, &size);
X_FREE(path);
......@@ -71,6 +75,10 @@ static int _load_ecdsa_keys(bdplus_ecdsa_key_t *ecdsa_keys, const char *base)
char *cfg;
int num_ecdsa_keys = 0;
if (!path) {
return -1;
}
cfg = file_load(path, NULL);
X_FREE(path);
......@@ -109,10 +117,19 @@ static int _load_ram(bdplus_ram_t **p, const char *base, uint32_t address, const
if (!*p) {
*p = calloc(1, sizeof(bdplus_ram_t));
if (!*p) {
return 0;
}
}
ram = *p;
void *tmp = ram->area;
ram->area = realloc(ram->area, (ram->num_area + 1) * sizeof(*ram->area));
if (!ram->area) {
X_FREE(tmp);
BD_DEBUG(DBG_CRIT, "out of memory\n");
return 0;
}
memset(&ram->area[ram->num_area], 0, sizeof(ram->area[ram->num_area]));
ram->area[ram->num_area].start_address = address;
......@@ -128,10 +145,12 @@ static int _load_ram(bdplus_ram_t **p, const char *base, uint32_t address, const
} else {
/* load from file */
char *path = str_printf("%s/%s", base, file);
if (!path) {
return 0;
}
ram->area[ram->num_area].memory = file_load(path, &ram->area[ram->num_area].size);
ram->area[ram->num_area].mem = ram->area[ram->num_area].memory;
X_FREE(path);
if (!ram->area[ram->num_area].mem) {
......@@ -165,6 +184,9 @@ static int _load_dev_discovery(bdplus_dev_t *dev, const char *base)
for (ii = 0; ii < MAX_DEV_DISCOVERY; ii++) {
char *path = str_printf("%s/" DEV_DISCOVERY_FILE, base, ii + 1);
if (!path) {
break;
}
dev[ii].mem = (uint8_t *)file_load(path, &dev[ii].size);
X_FREE(path);
if (!dev[ii].mem) {
......@@ -192,11 +214,13 @@ static int _load_memory(bdplus_ram_t **ram, const char *base)
{
const char *p;
char *path;
char *cfg;
char *cfg = NULL;
path = str_printf("%s/" MEMORY_MAP_FILE, base);
cfg = file_load(path, NULL);
X_FREE(path);
if (path) {
cfg = file_load(path, NULL);
X_FREE(path);
}
if (!cfg) {
BD_DEBUG(DBG_FILE | DBG_CRIT, "Error loading memory map file '"MEMORY_MAP_FILE"'\n");
......@@ -246,6 +270,10 @@ int bdplus_config_load(const char *config_path,
{
bdplus_config_free(p_config);
bdplus_config_t *config = *p_config = calloc(1, sizeof(bdplus_config_t));
if (!config) {
BD_DEBUG(DBG_FILE | DBG_CRIT, "out of memory\n");
return -1;
}
char *base = NULL;
if (!config_path) {
......@@ -261,6 +289,11 @@ int bdplus_config_load(const char *config_path,
config->ecdsa_keys = calloc(MAX_ECDSA_KEYS, sizeof(bdplus_ecdsa_key_t));
config->dev = calloc(MAX_DEV_DISCOVERY, sizeof(bdplus_dev_t));
if (!config->aes_keys || !config->ecdsa_keys || !config->dev) {
BD_DEBUG(DBG_FILE | DBG_CRIT, "out of memory\n");
return -1;
}
config->num_aes_keys = _load_aes_keys(config->aes_keys, config_path);
if (config->num_aes_keys < 0) {
BD_DEBUG(DBG_FILE | DBG_CRIT, "Player AES keys not found\n");
......
......@@ -59,12 +59,14 @@ VM *dlx_initVM(struct bdplus_s *plus)
{
VM *vm = calloc(1, sizeof(VM));
if (!vm) {
BD_DEBUG(DBG_BDPLUS | DBG_CRIT, "out of memory\n");
return NULL;
}
vm->size = DLX_MEMORY_SIZE;
vm->addr = (uint8_t *)malloc(vm->size);
if (!vm->addr) {
BD_DEBUG(DBG_BDPLUS | DBG_CRIT, "out of memory\n");
X_FREE(vm);
return NULL;
}
......
......@@ -1046,9 +1046,12 @@ bdplus_st_t *segment_set_m2ts(conv_table_t *ct, uint32_t m2ts)
// entry so we have to find them again.
bdplus_st_t *st = calloc(1, sizeof(*st));
if (!st) {
BD_DEBUG(DBG_CRIT, "out of memory\n");
return NULL;
}
st->stream_table = table;
st->table = ct;
BD_DEBUG(DBG_BDPLUS,"[segment] settable(%05u.m2ts): %p\n", m2ts, st);
return st;
......
......@@ -740,18 +740,22 @@ uint32_t TRAP_Sha1(sha_t **sha_head, uint8_t *dst, uint8_t *src, uint32_t len, u
BD_DEBUG(DBG_BDPLUS_TRAP,"[trap] TRAP_Sha1(INIT)\n");
matched_ctx = get_sha_ctx(sha_head, dst);
memset(dst, 0, 352); //352, according to jumper snapshots
if (matched_ctx) {
sha_SHA1_Init(&matched_ctx->sha);
// Call UPDATE if we were also given data
TRAP_Sha1(sha_head, dst, src, len, SHA_UPDATE);
}
break;
case SHA_UPDATE:
BD_DEBUG(DBG_BDPLUS_TRAP,"[trap] TRAP_Sha1(UPDATE)\n");
matched_ctx = get_sha_ctx(sha_head, dst);
if (matched_ctx) {
sha_SHA1_Update(&matched_ctx->sha, src, len);
// This call is not required, only here to make "dst" be identical
// to reference player.
sha_reference(dst, &matched_ctx->sha);
}
break;
case SHA_FINAL:
......@@ -760,6 +764,7 @@ uint32_t TRAP_Sha1(sha_t **sha_head, uint8_t *dst, uint8_t *src, uint32_t len, u
BD_DEBUG(DBG_BDPLUS_TRAP,"[trap] TRAP_Sha1(FINAL)\n");
matched_ctx = get_sha_ctx(sha_head, dst);
if (matched_ctx) {
// UPDATE if we were also given data.
TRAP_Sha1(sha_head, dst, src, len, SHA_UPDATE);
// Call FINAL.
......@@ -769,7 +774,7 @@ uint32_t TRAP_Sha1(sha_t **sha_head, uint8_t *dst, uint8_t *src, uint32_t len, u
memcpy(dst, digest, sizeof(digest));
free_sha_ctx(sha_head, matched_ctx);
}
break;
}
......@@ -1162,6 +1167,10 @@ uint32_t TRAP_LoadContentCode(bdplus_config_t *config, uint8_t *FileName, uint32
// Build the real filename.
fname = str_printf("BDSVM/%s.svm", (char *) FileName);
if (!fname) {
BD_DEBUG(DBG_BDPLUS | DBG_CRIT, "out of memory\n");
return STATUS_INVALID_PARAMETER;
}
BD_DEBUG(DBG_BDPLUS,"[TRAP] reading '%s': unknown %08X\n", fname, Unknown);
......
......@@ -20,12 +20,18 @@
#include "trap_helper.h"
#include "util/logging.h"
#include <stdlib.h>
#include <string.h>
static sha_t *_new_sha_ctx(uint8_t *dst)
{
sha_t *ctx = malloc(sizeof(sha_t));
if (!ctx) {
BD_DEBUG(DBG_CRIT, "out of memory\n");
return NULL;
}
memset(ctx, 0, sizeof(sha_t));
ctx->dst = dst;
return ctx;
......@@ -53,8 +59,10 @@ sha_t *get_sha_ctx(sha_t **ctx_head, uint8_t *dst) {
/* if the dst in question isn't found, allocate space for it */
ctx_new = _new_sha_ctx(dst);
ctx_curr->next = ctx_new;
ctx_new->prev = ctx_curr;
if (ctx_new) {
ctx_curr->next = ctx_new;
ctx_new->prev = ctx_curr;
}
return ctx_new;
}
......
......@@ -84,6 +84,9 @@ int32_t bdplus_load_svm(bdplus_t *plus, const char *fname)
dlx_freeVM(&plus->vm);
plus->vm = dlx_initVM(plus);
if (!plus->vm) {
return -1;
}
fp = file_open(plus->config, fname);
if (!fp) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment