Re: [sleuthkit-users] "Proper" install method for TSK on Ubuntu
Brought to you by:
carrier
Menu
▾
▴
Re: [sleuthkit-users] "Proper" install method for TSK on Ubuntu
|
From: Derrick K. <dk...@gm...> - 2018-11-20 02:15:58
|
tl;dr please try recompile with the below patch applied to srch_strings.c?
Hmmm. That is odd. I *may* have been able to replicate the error
here albeit my srch_strings doesn't core dump but throws a double free
error on a text file as well (Mine is broken too!??!!?):
<snip>
<snip>
dk@anubis:~$ srch_strings -a /usr/share/common-licenses/GPL-3
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
double free or corruption (fasttop)
Aborted
<snip>
<snip>
I ran it through valgrind to figure out what is up and it may be the
free() call that's in srch_strings.c:589. Keep in mind that IANACPBAM
(I Am Not A C Programmer By Any Means) so take this with a grain of
salt. :) srch_strings.c allocates a 'unsigned char buf[4];' and then
later calls free() on this buf[]. My understanding is in C you don't
need to free() arrays like this as they automatically get deallocated
when the function returns. You only need to free() pointers that are
malloc() etc.
After removing the call to free() on line 589 srch_strings runs
cleanly and does not explode. For good measure, the below patch
removes both free() calls since they are both operating on that same
buf[]. Hopefully Brian et al or some other actual C coder can comment
if I'm on glue or not as this seems too simple to fix the problem!
Did it fix anything?
Derrick
Here's the patch:
dk@anubis:~/sc/git-ext/sleuthkit$ diff -u
tools/srchtools/srch_strings.c-ORIG tools/srchtools/srch_strings.c
--- tools/srchtools/srch_strings.c-ORIG 2018-11-19 18:51:46.936162930 -0700
+++ tools/srchtools/srch_strings.c 2018-11-19 19:07:48.990158388 -0700
@@ -554,7 +554,6 @@
{
c = get_char (stream, &address, &magiccount, &magic);
if (c == EOF) {
- free(buf);
return;
}
if (! STRING_ISGRAPHIC (c))
@@ -586,7 +585,6 @@
buf[i] = '\0';
fputs (buf, stdout);
- free(buf);
while (1)
{
|
