STRLCPY/nanorobeus

Fix leaks
wavvs committed 2 years ago

a58b4a4c

1 parent a446c32c

■ ■ ■ ■ ■ ■

source/entry.c

		skipped 121 lines
122	122		luid.LowPart = MSVCRT$strtol(arg2, NULL, 16);
123	123		if (luid.LowPart == 0 \|\| luid.LowPart == LONG_MAX \|\| luid.LowPart == LONG_MIN) {
124	124		PRINT(dispatch, "[!] Specify valid /luid\n");
125		-	return;
	125	+	goto end;
126	126		}
127	127		} else {
128	128		PRINT(dispatch, "[!] Specify /luid argument\n");
129		-	return;
	129	+	goto end;
130	130		}
131	131		} else if (MSVCRT$strcmp(arg1, "/all") == 0) {
132	132		luid = (LUID){.HighPart = 0, .LowPart = 0};
133	133		} else {
134	134		PRINT(dispatch, "[!] Unknown command\n");
135		-	return;
	135	+	goto end;
136	136		}
137	137		} else {
138	138		LUID* cLuid = GetCurrentLUID(hToken);
139	139		if (cLuid == NULL) {
140	140		PRINT(dispatch, "[!] Unable to get current session LUID: %ld\n", KERNEL32$GetLastError());
141		-	return;
	141	+	goto end;
142	142		}
143		-	luid = *cLuid;
	143	+	luid.HighPart = cLuid->HighPart;
	144	+	luid.LowPart = cLuid->LowPart;
144	145		currentLuid = TRUE;
	146	+	MSVCRT$free(cLuid);
145	147		}
146	148
147	149		if (MSVCRT$strcmp(command, "sessions") == 0) {
		skipped 13 lines
161	163		luid.LowPart = MSVCRT$strtol(arg3, NULL, 16);
162	164		if (luid.LowPart == 0 \|\| luid.LowPart == LONG_MAX \|\| luid.LowPart == LONG_MIN) {
163	165		PRINT(dispatch, "[!] Specify valid /luid\n");
164		-	return;
	166	+	goto end;
165	167		}
166	168		}
167	169		}
		skipped 1 lines
169	171		LUID* cLuid = GetCurrentLUID(hToken);
170	172		if (cLuid == NULL) {
171	173		PRINT(dispatch, "[!] Unable to get current session LUID: %ld\n", KERNEL32$GetLastError());
172		-	return;
	174	+	goto end;
173	175		}
174		-	luid = *cLuid;
	176	+	luid.HighPart = cLuid->HighPart;
	177	+	luid.LowPart = cLuid->LowPart;
175	178		currentLuid = TRUE;
	179	+	MSVCRT$free(cLuid);
176	180		}
177	181		execute_ptt(dispatch, hToken, ticket, luid, currentLuid);
178	182		} else {
179	183		PRINT(dispatch, "[!] Specify Base64 encoded ticket\n");
180		-	return;
	184	+	goto end;
181	185		}
182	186		} else if (MSVCRT$strcmp(command, "purge") == 0) {
183	187		if (MSVCRT$strcmp(arg1, "") != 0) {
		skipped 2 lines
186	190		luid.LowPart = MSVCRT$strtol(arg2, NULL, 16);
187	191		if (luid.LowPart == 0 \|\| luid.LowPart == LONG_MAX \|\| luid.LowPart == LONG_MIN) {
188	192		PRINT(dispatch, "[!] Specify valid /luid\n");
189		-	return;
	193	+	goto end;
190	194		}
191	195		} else {
192	196		PRINT(dispatch, "[!] Specify /luid argument\n");
193		-	return;
	197	+	goto end;
194	198		}
195	199		} else {
196	200		PRINT(dispatch, "[!] Unknown command\n");
197		-	return;
	201	+	goto end;
198	202		}
199	203		} else {
200	204		LUID* cLuid = GetCurrentLUID(hToken);
201	205		if (cLuid == NULL) {
202	206		PRINT(dispatch, "[!] Unable to get current session LUID: %ld\n", KERNEL32$GetLastError());
203		-	return;
	207	+	goto end;
204	208		}
205		-	luid = *cLuid;
	209	+	luid.HighPart = cLuid->HighPart;
	210	+	luid.LowPart = cLuid->LowPart;
206	211		currentLuid = TRUE;
	212	+	MSVCRT$free(cLuid);
207	213		}
208	214		execute_purge(dispatch, hToken, luid, currentLuid);
209	215		} else if (MSVCRT$strcmp(command, "help") == 0) {
		skipped 7 lines
217	223		} else {
218	224		PRINT(dispatch, "[!] Unknown command.\n");
219	225		}
	226	+	end:
220	227		KERNEL32$CloseHandle(hToken);
221	228		}
222	229

■ ■ ■ ■ ■ ■

source/luid.c

		skipped 5 lines
6	6		PRINT(dispatch, "[!] Unable to get current session LUID: %ld\n", KERNEL32$GetLastError());
7	7		return;
8	8		}
9		-
10	9		PRINT(dispatch, "[+] Current LogonId: %lx:0x%lx\n\n", currentLUID->HighPart, currentLUID->LowPart);
	10	+	MSVCRT$free(currentLUID);
11	11		}
12	12
13	13		LUID* GetCurrentLUID(HANDLE TokenHandle) {
		skipped 11 lines

Fix leaks