From f6fa57774646d0e5ca5f131da13538cedc54a89c Mon Sep 17 00:00:00 2001 From: swirl Date: Tue, 28 Sep 2021 21:36:58 -0400 Subject: [PATCH] fix memory leaks --- main.c | 73 ++++++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 56 insertions(+), 17 deletions(-) diff --git a/main.c b/main.c index ea61844..d00e681 100644 --- a/main.c +++ b/main.c @@ -53,7 +53,10 @@ char *get_del_filename(char *link) { } bool paste_exists(char *link) { - return file_exists(get_paste_filename(link)); + char *filename = get_paste_filename(link); + bool ret = file_exists(filename); + free(filename); + return ret; } char *gen_random_link() { @@ -78,11 +81,14 @@ char *gen_del_key(char *link) { } rand_str[16] = 0; sprintf(salt, "$6$%s", rand_str); + free(rand_str); char *use_link = malloc(strlen(link) + strlen(seed) + 1); sprintf(use_link, "%s%s", seed, link); char *del_key = crypt(use_link, salt); + free(salt); + free(use_link); return del_key; } @@ -107,41 +113,63 @@ void handle_post(struct mg_connection *nc, char *content, char *host, char *link } else if (strlen(link) >= 255) { return mg_http_reply(nc, 413, "", "paste link length can not exceed 255 characters"); } else { - short_link = link; + short_link = strdup(link); } if (paste_exists(short_link)) { - return mg_http_reply(nc, 500, "", "a paste named %s already exists", short_link); + mg_http_reply(nc, 500, "", "a paste named %s already exists", short_link); + return free(short_link); + } + + if (strstr(short_link, "/")) { + mg_http_reply(nc, 400, "", "short link can not contain slashes"); + return free(short_link); } #endif - if (!mg_file_write(get_paste_filename(short_link), content, strlen(content))) { - fprintf(stderr, "failed to write to file %s", get_paste_filename(short_link)); - return mg_http_reply(nc, 500, "", "failed to write data"); + char *paste_file = get_paste_filename(short_link); + if (!mg_file_write(paste_file, content, strlen(content))) { + fprintf(stderr, "failed to write to file %s", paste_file); + mg_http_reply(nc, 500, "", "failed to write data"); + free(short_link); + return free(paste_file); } + free(paste_file); char *del_key = gen_del_key(short_link); - if (!mg_file_write(get_del_filename(short_link), del_key, strlen(del_key))) { - fprintf(stderr, "failed to write to file %s", get_del_filename(short_link)); - return mg_http_reply(nc, 500, "", "failed to write data"); + char *del_file = get_del_filename(short_link); + if (!mg_file_write(del_file, del_key, strlen(del_key))) { + fprintf(stderr, "failed to write to file %s", del_file); + mg_http_reply(nc, 500, "", "failed to write data"); + free(short_link); + return free(del_file); } + free(del_file); char *del_header = malloc(256); sprintf(del_header, "X-Delete-With: %s\r\n", del_key); mg_http_reply(nc, 201, del_header, "%s%s/%s", proto, host, short_link); + free(del_header); + free(short_link); } void handle_delete(struct mg_connection *nc, char *link, char *del_key) { if (paste_exists(link)) { - char *key = mg_file_read(get_del_filename(link), NULL); + char *del_file = get_del_filename(link); + char *key = mg_file_read(del_file, NULL); if (strcmp(key, del_key) == 0) { - remove(get_paste_filename(link)); - remove(get_del_filename(link)); + char *paste_file = get_paste_filename(link); + remove(paste_file); + remove(del_file); mg_http_reply(nc, 204, "", ""); + + free(paste_file); } else { mg_http_reply(nc, 403, "", "incorrect deletion key"); } + free(del_file); + free(key); } else { mg_http_reply(nc, 404, "", "this paste does not exist"); } @@ -179,14 +207,18 @@ static void ev_handler(struct mg_connection *nc, int ev, void *p, void *f) { handle_delete(nc, uri, body); } else if (strncmp(hm->method.ptr, "GET", hm->method.len) == 0) { if (strlen(uri) == 0) { - return mg_http_reply(nc, 200, "Content-Type: text/html\r\n", INDEX_HTML, + mg_http_reply(nc, 200, "Content-Type: text/html\r\n", INDEX_HTML, host, host, host, host, host); // FIXME: need better solution + } else { + mg_http_serve_dir(nc, hm, &s_http_server_opts); } - - mg_http_serve_dir(nc, hm, &s_http_server_opts); } else { mg_http_reply(nc, 405, "Allow: GET, POST, DELETE\r\n", ""); } + + free(uri); + free(host); + free(body); } } @@ -241,8 +273,15 @@ int main(int argc, char *argv[]) { printf ("Non-option argument %s\n", argv[index]); } - rec_mkdir(strcat(strdup(data_dir), "/paste")); - rec_mkdir(strcat(strdup(data_dir), "/del")); + char *paste_dir = strcat(strdup(data_dir), "/paste"); + char *del_dir = strcat(strdup(data_dir), "/del"); + + rec_mkdir(paste_dir); + rec_mkdir(del_dir); + + free(paste_dir); + free(del_dir); + struct mg_mgr mgr; struct mg_connection *nc;