Open
Conversation
Replace raw pointer typedefs with std::unique_ptr for SubkeyListRecord, ValueListRecord, DBRecord, and DBIndirectRecord. All Cell factory methods now use make_unique. Callers no longer manually delete these returned records. Also fixes a logic bug in NKRecord::getSubkeyList() where the early-return for empty subkey count was missing the return keyword, causing fall-through to an invalid offset read. Initialize previously uninitialized member variables in BinaryBlock, Buffer, and DirectSubkeyListRecord. Remove orphaned LIRecordPtr typedef from LIRecord. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
c->getSubkeyList() returns unique_ptr by value (already an rvalue), so std::move is a no-op. Also remove now-unused <utility> include. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Clarify which methods return unique_ptr (no caller cleanup needed) vs raw pointers where the caller is responsible for freeing. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Consistent with prior member initialization fixes across the library. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Member
Author
|
This PR is to take in changes from sleuthkit#3447 and address comments and fix other memory leaks. |
Member
Author
|
I am generally good with this PR but we should have Ann review and I'd like to do some comparisons on registry output before and after before we merge this. |
Forensic data may not be properly null-terminated. After parsing null-delimited strings, capture any trailing data that lacks a double-null terminator by padding for wchar_t alignment and appending a null terminator before constructing the wstring. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The offset parameter now correctly refers to the destination buffer offset rather than the source buffer offset, matching the original Java ByteBuffer.get(byte[], int, int) contract. Fixed validation checks and memcpy accordingly.
crayy8
commented
Mar 18, 2026
|
|
||
| memcpy(&dst[0], &_buffer[_position + offset], length); | ||
| _position += offset; | ||
| memcpy(&dst[offset], &_buffer[_position], length); |
Member
Author
There was a problem hiding this comment.
NOTE: none of this really matters in our current code as this method is only called in one location RegistryByteBuffer::getData. This method doesn't use it as intended as it always passes in an offset of 0 and saved the current buffer position before calling and restores it after calling so this logic does not even come into play in our usage.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.