Memory leak with CSList::ThrowAll() in NTFS_Common.h

I found a mistake of using (or implement) with CSList::ThrowAll(). With ThrowAll() you want to give the responsibility of memory freeing to the object that the list assigned for. But in your InsertEntry() function, it just assigns only the pointer of ENTRY_TYPE not the pointer of NTSLIST_ENTRY and those pointers will never be freed.

https://github.com/PowerShellMafia/PowerSploit/blob/262a260865d408808ab332f972d410d3b861eff1/Exfiltration/NTFSParser/NTFSParserDLL/NTFS_Common.h#L159-L177

So in the ThrowAll(), you must free the NTSLIST_ENTRY before throwing all to NULL.

	__inline void ThrowAll()
	{
		// My fix
		while (ListHead)
		{
			ListCurrent = ListHead->Next;
			ListHead->Entry = NULL;
			delete ListHead;

			ListHead = ListCurrent;
		}
		// End my fix
		ListHead = ListTail = NULL;
		ListCurrent = NULL;
		EntryCount = 0;
	}

	BOOL InsertEntry(ENTRY_TYPE *entry)
	{
	NTSLIST_ENTRY<ENTRY_TYPE> *le = new NTSLIST_ENTRY<ENTRY_TYPE>;
	if (!le)
	return FALSE;

	le->Entry = entry;
	le->Next = NULL;

	if (ListTail == NULL)
	ListHead = le; // Empty list
	else
	ListTail->Next = le;

	ListTail = le;

	EntryCount++;
	return TRUE;
	}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Memory leak with CSList::ThrowAll() in NTFS_Common.h #268

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Memory leak with CSList::ThrowAll() in NTFS_Common.h #268

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions