From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <3Aqd0XggKDh0F37GGB5A9HH9E7.5HF7E8NMBEL-67O7ELHNK57P3K7.HK9@flex--maennich.bounces.google.com>
Received: from mail-wr1-x449.google.com (mail-wr1-x449.google.com
 [IPv6:2a00:1450:4864:20::449])
 by sourceware.org (Postfix) with ESMTPS id CBD8D385E82F
 for <elfutils-devel@sourceware.org>; Fri, 20 Mar 2020 11:20:35 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org CBD8D385E82F
Received: by mail-wr1-x449.google.com with SMTP id u12so2485684wrw.10
 for <elfutils-devel@sourceware.org>; Fri, 20 Mar 2020 04:20:35 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:in-reply-to:message-id:mime-version
 :references:subject:from:to:cc;
 bh=dyqwkXROte4PAZMvOgFODUeY+mM7Sv5Mt2xhuSIR6Ds=;
 b=o8PTnuG+gmyNaXvrIKLJd0X7adYNcPwKXdrtz3os5g1/adcANDXuzIACTLz0nNExRV
 SBxgABl27Su/iNOXfmUIXnfOFo8LrYwQ3Xm9IRFgwjaYHisZiFSqkJv4ea92nEbf7C0M
 c4GxtZTbFfVsuOLJDVgzJ49QCPEk+WuikyUUc7mst5qD6xqWD27iHF/Ma//b6y/DMTMa
 H19oAoGeYrUgiNKOPIS9MK5QogsmgWxnX3pVimZU6m84WuemGQrIFLIzbUIMwGerSZgl
 kGfs6jRnJ864xoMVXuTAa/73NtD0OIzYcVUkH1ZSrD19jRUqp/5SdhxOXDF8OQawIWUN
 yejw==
X-Gm-Message-State: ANhLgQ1QdW9LgQ2NVWDBlycpxchcoyJkxR6SMxzc2ulrqayJdJ+7SSFg
 4F86lnMwOdW205WaYCrAFGS2c7K9v7hvj8lJ5gxWg7H9mIpylXOrb7hBDtLKA4emPuICQxL+cla
 v2G8H7cpJvdKWdb4C3LcUXqNkgFv5kNcPWZZx+hYV4DJuFGzqDxujZ1w4L/hzxJDqKorh6hpabL
 5b
X-Google-Smtp-Source: ADFU+vubEd6C/ihqD5Ps15XiuA9QOuPjokBuPzTzbcOve2CCMX0cWxBm09bLa3qkndVg9kR6VzGpv5iMd9K7ZQ==
X-Received: by 2002:a5d:6289:: with SMTP id k9mr10209490wru.36.1584703234384; 
 Fri, 20 Mar 2020 04:20:34 -0700 (PDT)
Date: Fri, 20 Mar 2020 12:17:55 +0100
In-Reply-To: <20200315220329.82201-1-maennich@google.com>
Message-Id: <20200320111755.67258-1-maennich@google.com>
Mime-Version: 1.0
References: <20200315220329.82201-1-maennich@google.com>
X-Mailer: git-send-email 2.25.1.696.g5e7596f4ac-goog
Subject: [PATCH v2] libelf: {de,}compress: ensure zlib resource cleanup
From: Matthias Maennich <maennich@google.com>
To: elfutils-devel@sourceware.org
Cc: kernel-team@android.com, maennich@google.com
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-34.6 required=5.0 tests=BAYES_00, DKIMWL_WL_MED,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0,
 GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,
 SPF_PASS, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: elfutils-devel@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Elfutils-devel mailing list <elfutils-devel.sourceware.org>
List-Unsubscribe: <http://sourceware.org/mailman/options/elfutils-devel>,
 <mailto:elfutils-devel-request@sourceware.org?subject=unsubscribe>
List-Archive: <http://sourceware.org/pipermail/elfutils-devel/>
List-Help: <mailto:elfutils-devel-request@sourceware.org?subject=help>
List-Subscribe: <http://sourceware.org/mailman/listinfo/elfutils-devel>,
 <mailto:elfutils-devel-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Mar 2020 11:20:37 -0000

__libelf_decompress would only cleanup zlib resources via inflateEnd()
in case inflating was successful, but would leak memory if not. Fix this
by calling inflateEnd() unconditionally.

__libelf_decompress did this all the time already, but called
deflateEnd() twice. That is not a (known) issue, but can be cleaned up
by ensuring all error paths use 'return deflate_cleanup' and the success
path calls deflateEnd() only once. Note, the deflate() needs to return
Z_STREAM_END to indicate we are done. Hence change the condition.

Fixes: 272018bba1f2 ("libelf: Add elf_compress and elf_compress_gnu.")
Signed-off-by: Matthias Maennich <maennich@google.com>
---
 libelf/elf_compress.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/libelf/elf_compress.c b/libelf/elf_compress.c
index 244467b5e3ae..b1b896890ff7 100644
--- a/libelf/elf_compress.c
+++ b/libelf/elf_compress.c
@@ -115,7 +115,7 @@ __libelf_compress (Elf_Scn *scn, size_t hsize, int ei_data,
     {
       free (out_buf);
       __libelf_seterrno (ELF_E_COMPRESS_ERROR);
-      return NULL;
+      return deflate_cleanup(NULL, NULL);
     }
 
   Elf_Data cdata;
@@ -197,13 +197,13 @@ __libelf_compress (Elf_Scn *scn, size_t hsize, int ei_data,
     }
   while (flush != Z_FINISH); /* More data blocks.  */
 
-  zrc = deflateEnd (&z);
-  if (zrc != Z_OK)
+  if (zrc != Z_STREAM_END)
     {
       __libelf_seterrno (ELF_E_COMPRESS_ERROR);
       return deflate_cleanup (NULL, NULL);
     }
 
+  deflateEnd (&z);
   *new_size = used;
   return out_buf;
 }
@@ -251,16 +251,15 @@ __libelf_decompress (void *buf_in, size_t size_in, size_t size_out)
 	}
       zrc = inflateReset (&z);
     }
-  if (likely (zrc == Z_OK))
-    zrc = inflateEnd (&z);
 
   if (unlikely (zrc != Z_OK) || unlikely (z.avail_out != 0))
     {
       free (buf_out);
+      buf_out = NULL;
       __libelf_seterrno (ELF_E_DECOMPRESS_ERROR);
-      return NULL;
     }
 
+  inflateEnd(&z);
   return buf_out;
 }
 
-- 
2.25.1.696.g5e7596f4ac-goog