From e3ac725ad71a425297dfa2be0dc231503df9b091 Mon Sep 17 00:00:00 2001 From: Tomasz Swierczek Date: Thu, 14 Jun 2018 10:41:26 +0200 Subject: [PATCH] Add protection against leaking memory during deserialization Change-Id: Ie4e2b4fed97e73368554d779f3cb83c2678dcdfc --- src/dpl/core/include/dpl/serialization.h | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/src/dpl/core/include/dpl/serialization.h b/src/dpl/core/include/dpl/serialization.h index 240327e..7226c64 100644 --- a/src/dpl/core/include/dpl/serialization.h +++ b/src/dpl/core/include/dpl/serialization.h @@ -266,7 +266,9 @@ struct Deserialization { static void Deserialize(IStream& stream, char*& value) { value = new char; + std::unique_ptr ptr(value); stream.Read(sizeof(*value), value); + ptr.release(); } // unsigned char @@ -277,7 +279,9 @@ struct Deserialization { static void Deserialize(IStream& stream, unsigned char*& value) { value = new unsigned char; + std::unique_ptr ptr(value); stream.Read(sizeof(*value), value); + ptr.release(); } // unsigned int @@ -288,7 +292,9 @@ struct Deserialization { static void Deserialize(IStream& stream, unsigned*& value) { value = new unsigned; + std::unique_ptr ptr(value); stream.Read(sizeof(*value), value); + ptr.release(); } // int @@ -299,7 +305,9 @@ struct Deserialization { static void Deserialize(IStream& stream, int*& value) { value = new int; + std::unique_ptr ptr(value); stream.Read(sizeof(*value), value); + ptr.release(); } // bool @@ -310,7 +318,9 @@ struct Deserialization { static void Deserialize(IStream& stream, bool*& value) { value = new bool; + std::unique_ptr ptr(value); stream.Read(sizeof(*value), value); + ptr.release(); } // time_t @@ -321,7 +331,9 @@ struct Deserialization { static void Deserialize(IStream& stream, time_t*& value) { value = new time_t; + std::unique_ptr ptr(value); stream.Read(sizeof(*value), value); + ptr.release(); } // std::string @@ -330,20 +342,20 @@ struct Deserialization { int length; stream.Read(sizeof(length), &length); char * buf = new char[length + 1]; + std::unique_ptr ptr(buf); stream.Read(length, buf); buf[length] = 0; str = std::string(buf); - delete[] buf; } static void Deserialize(IStream& stream, std::string*& str) { int length; stream.Read(sizeof(length), &length); char * buf = new char[length + 1]; + std::unique_ptr ptr(buf); stream.Read(length, buf); buf[length] = 0; str = new std::string(buf); - delete[] buf; } // STL templates @@ -364,7 +376,9 @@ struct Deserialization { static void Deserialize(IStream& stream, std::list*& list) { list = new std::list; + std::unique_ptr> ptr(list); Deserialize(stream, *list); + ptr.release(); } // std::vector @@ -383,7 +397,9 @@ struct Deserialization { static void Deserialize(IStream& stream, std::vector*& vec) { vec = new std::vector; + std::unique_ptr> ptr(vec); Deserialize(stream, *vec); + ptr.release(); } // std::pair @@ -397,7 +413,9 @@ struct Deserialization { static void Deserialize(IStream& stream, std::pair*& p) { p = new std::pair; + std::unique_ptr> ptr(p); Deserialize(stream, *p); + ptr.release(); } // std::tuple @@ -418,7 +436,9 @@ struct Deserialization { static void Deserialize(IStream& stream, std::tuple*& t) { t = new std::tuple; + std::unique_ptr> ptr(t); Deserialize(stream, *t); + ptr.release(); } // std::map @@ -439,7 +459,9 @@ struct Deserialization { static void Deserialize(IStream& stream, std::map*& map) { map = new std::map; + std::unique_ptr> ptr(map); Deserialize(stream, *map); + ptr.release(); } template -- 2.7.4