freefirex
commented
4 years ago Very good find, I missed that one in my review. I appreciate you pointing this out!
Closed JohnLaTwC closed 4 years ago
freefirex
commented
4 years ago Very good find, I missed that one in my review. I appreciate you pointing this out!
I am not a C++ expert, but I would suggest an additional look at this free: https://github.com/trustedsec/CS-Situational-Awareness-BOF/blob/b6de70e08884c7597898b478fd488a38c118d1e7/src/SA/ldapsearch/entry.c#L319
All the other variables being freed are declared and initialized at function entry. However, ppValue is not declared or initialized until line 228: https://github.com/trustedsec/CS-Situational-Awareness-BOF/blob/b6de70e08884c7597898b478fd488a38c118d1e7/src/SA/ldapsearch/entry.c#L228
There are several code paths which skip this declaration and initialization, notably on lines lines
182,193,201,213,218, whichgoto endon error conditions. If the initialization ofppValuewas skipped by thegoto,ldap_value_freemay be called on an uninitialized variable and hence a wild free.