syscare/0034-upatch-manage-fix-memory-leak.patch

From 93a0c2c9d1ad383758b595fa551b43366d82d047 Mon Sep 17 00:00:00 2001
From: liuxiaobo <liuxiaobo19@huawei.com>
Date: Thu, 27 Jun 2024 16:22:02 +0800
Subject: [PATCH] upatch-manage: fix memory leak

Signed-off-by: liuxiaobo <liuxiaobo19@huawei.com>
---
 upatch-manage/arch/x86_64/ptrace.c |  7 ++--
 upatch-manage/upatch-process.c     | 61 ++++++++++++++++++------------
 2 files changed, 39 insertions(+), 29 deletions(-)

diff --git a/upatch-manage/arch/x86_64/ptrace.c b/upatch-manage/arch/x86_64/ptrace.c
index 3d6dd72..95e2710 100644
--- a/upatch-manage/arch/x86_64/ptrace.c
+++ b/upatch-manage/arch/x86_64/ptrace.c
@@ -173,9 +173,8 @@ size_t get_upatch_addr_len()
     return UPATCH_ADDR_LEN;
 }
 
-
 unsigned long get_new_insn(void)
 {
-	char jmp_insn[] = { 0xff, 0x25, 0x00, 0x00, 0x00, 0x00};
-	return *(unsigned long *)jmp_insn;
-}
\ No newline at end of file
+	// ASM: jmp word ptr [di] (FF25 0000 0000 0000)
+	return 0x25FF;
+}
diff --git a/upatch-manage/upatch-process.c b/upatch-manage/upatch-process.c
index 3b8db3b..84ec030 100644
--- a/upatch-manage/upatch-process.c
+++ b/upatch-manage/upatch-process.c
@@ -385,6 +385,40 @@ process_new_object(struct upatch_process *proc, dev_t dev, ino_t inode,
 	return o;
 }
 
+static int add_upatch_object(struct upatch_process *proc,
+	struct object_file *o, unsigned long src, unsigned char *header_buf)
+{
+	struct object_patch *opatch;
+
+	opatch = malloc(sizeof(struct object_patch));
+	if (opatch == NULL) {
+		log_error("malloc opatch failed\n");
+		return -1;
+	}
+
+	opatch->uinfo = malloc(sizeof(struct upatch_info));
+	if (opatch->uinfo == NULL) {
+		log_error("malloc opatch->uinfo failed\n");
+		free(opatch);
+		return -1;
+	}
+
+	memcpy(opatch->uinfo, header_buf, sizeof(struct upatch_info));
+	opatch->funcs = malloc(opatch->uinfo->changed_func_num *
+			       sizeof(struct upatch_info_func));
+	if (upatch_process_mem_read(proc, src, opatch->funcs,
+		opatch->uinfo->changed_func_num * sizeof(struct upatch_info_func))) {
+		log_error("can't read patch funcs at 0x%lx\n", src);
+		free(opatch->uinfo);
+		free(opatch);
+		return -1;
+	}
+	list_add(&opatch->list, &o->applied_patch);
+	o->num_applied_patch++;
+	o->is_patch = 1;
+
+	return 0;
+}
 /**
  * Returns: 0 if everything is ok, -1 on error.
  */
@@ -420,33 +454,10 @@ static int process_add_object_vma(struct upatch_process *proc, dev_t dev,
 	}
 
 	if (object_type == OBJECT_UPATCH) {
-		struct object_patch *opatch;
-
-		opatch = malloc(sizeof(struct object_patch));
-		if (opatch == NULL) {
-			return -1;
-		}
-
-		opatch->uinfo = malloc(sizeof(struct upatch_info));
-		if (opatch->uinfo == NULL) {
-			return -1;
-		}
-
-		memcpy(opatch->uinfo, header_buf, sizeof(struct upatch_info));
-		opatch->funcs = malloc(opatch->uinfo->changed_func_num *
-				       sizeof(struct upatch_info_func));
-		if (upatch_process_mem_read(
-			    proc, vma->start + sizeof(struct upatch_info),
-			    opatch->funcs,
-			    opatch->uinfo->changed_func_num *
-				    sizeof(struct upatch_info_func))) {
-			log_error("can't read patch funcs at 0x%lx\n",
-				  vma->start + sizeof(struct upatch_info));
+		unsigned long src = vma->start + sizeof(struct upatch_info);
+		if (add_upatch_object(proc, o, src, header_buf) != 0) {
 			return -1;
 		}
-		list_add(&opatch->list, &o->applied_patch);
-		o->num_applied_patch++;
-		o->is_patch = 1;
 	}
 	if (object_type == OBJECT_ELF) {
 		o->is_elf = 1;
-- 
2.34.1
update to 1.2.1-10 Signed-off-by: renoseven <dev@renoseven.net> 2024-08-16 10:31:54 +08:00			`From 93a0c2c9d1ad383758b595fa551b43366d82d047 Mon Sep 17 00:00:00 2001`
			`From: liuxiaobo <liuxiaobo19@huawei.com>`
			`Date: Thu, 27 Jun 2024 16:22:02 +0800`
			`Subject: [PATCH] upatch-manage: fix memory leak`

			`Signed-off-by: liuxiaobo <liuxiaobo19@huawei.com>`
			`---`
			`upatch-manage/arch/x86_64/ptrace.c \| 7 ++--`
			`upatch-manage/upatch-process.c \| 61 ++++++++++++++++++------------`
			`2 files changed, 39 insertions(+), 29 deletions(-)`

			`diff --git a/upatch-manage/arch/x86_64/ptrace.c b/upatch-manage/arch/x86_64/ptrace.c`
			`index 3d6dd72..95e2710 100644`
			`--- a/upatch-manage/arch/x86_64/ptrace.c`
			`+++ b/upatch-manage/arch/x86_64/ptrace.c`
			`@@ -173,9 +173,8 @@ size_t get_upatch_addr_len()`
			`return UPATCH_ADDR_LEN;`
			`}`

			`-`
			`unsigned long get_new_insn(void)`
			`{`
			`- char jmp_insn[] = { 0xff, 0x25, 0x00, 0x00, 0x00, 0x00};`
			`- return (unsigned long )jmp_insn;`
			`-}`
			`\ No newline at end of file`
			`+ // ASM: jmp word ptr [di] (FF25 0000 0000 0000)`
			`+ return 0x25FF;`
			`+}`
			`diff --git a/upatch-manage/upatch-process.c b/upatch-manage/upatch-process.c`
			`index 3b8db3b..84ec030 100644`
			`--- a/upatch-manage/upatch-process.c`
			`+++ b/upatch-manage/upatch-process.c`
			`@@ -385,6 +385,40 @@ process_new_object(struct upatch_process *proc, dev_t dev, ino_t inode,`
			`return o;`
			`}`

			`+static int add_upatch_object(struct upatch_process *proc,`
			`+ struct object_file o, unsigned long src, unsigned char header_buf)`
			`+{`
			`+ struct object_patch *opatch;`
			`+`
			`+ opatch = malloc(sizeof(struct object_patch));`
			`+ if (opatch == NULL) {`
			`+ log_error("malloc opatch failed\n");`
			`+ return -1;`
			`+ }`
			`+`
			`+ opatch->uinfo = malloc(sizeof(struct upatch_info));`
			`+ if (opatch->uinfo == NULL) {`
			`+ log_error("malloc opatch->uinfo failed\n");`
			`+ free(opatch);`
			`+ return -1;`
			`+ }`
			`+`
			`+ memcpy(opatch->uinfo, header_buf, sizeof(struct upatch_info));`
			`+ opatch->funcs = malloc(opatch->uinfo->changed_func_num *`
			`+ sizeof(struct upatch_info_func));`
			`+ if (upatch_process_mem_read(proc, src, opatch->funcs,`
			`+ opatch->uinfo->changed_func_num * sizeof(struct upatch_info_func))) {`
			`+ log_error("can't read patch funcs at 0x%lx\n", src);`
			`+ free(opatch->uinfo);`
			`+ free(opatch);`
			`+ return -1;`
			`+ }`
			`+ list_add(&opatch->list, &o->applied_patch);`
			`+ o->num_applied_patch++;`
			`+ o->is_patch = 1;`
			`+`
			`+ return 0;`
			`+}`
			`/**`
			`* Returns: 0 if everything is ok, -1 on error.`
			`*/`
			`@@ -420,33 +454,10 @@ static int process_add_object_vma(struct upatch_process *proc, dev_t dev,`
			`}`

			`if (object_type == OBJECT_UPATCH) {`
			`- struct object_patch *opatch;`
			`-`
			`- opatch = malloc(sizeof(struct object_patch));`
			`- if (opatch == NULL) {`
			`- return -1;`
			`- }`
			`-`
			`- opatch->uinfo = malloc(sizeof(struct upatch_info));`
			`- if (opatch->uinfo == NULL) {`
			`- return -1;`
			`- }`
			`-`
			`- memcpy(opatch->uinfo, header_buf, sizeof(struct upatch_info));`
			`- opatch->funcs = malloc(opatch->uinfo->changed_func_num *`
			`- sizeof(struct upatch_info_func));`
			`- if (upatch_process_mem_read(`
			`- proc, vma->start + sizeof(struct upatch_info),`
			`- opatch->funcs,`
			`- opatch->uinfo->changed_func_num *`
			`- sizeof(struct upatch_info_func))) {`
			`- log_error("can't read patch funcs at 0x%lx\n",`
			`- vma->start + sizeof(struct upatch_info));`
			`+ unsigned long src = vma->start + sizeof(struct upatch_info);`
			`+ if (add_upatch_object(proc, o, src, header_buf) != 0) {`
			`return -1;`
			`}`
			`- list_add(&opatch->list, &o->applied_patch);`
			`- o->num_applied_patch++;`
			`- o->is_patch = 1;`
			`}`
			`if (object_type == OBJECT_ELF) {`
			`o->is_elf = 1;`
			`--`
			`2.34.1`