[Fix] Fix use after free

Issue: #2867
Closes: #2867

diff --git a/src/libmime/archives.c b/src/libmime/archives.c
index ed49db4b388a1c123dd74d39af57ba574be19559..9c0336ac85be62a7c29e26f9cf9f4b9349127f45 100644 (file)
--- a/src/libmime/archives.c
+++ b/src/libmime/archives.c
@@ -1173,22 +1173,22 @@ rspamd_7zip_read_coders_info (struct rspamd_task *task,
                                        return NULL;
                                }
 
+                               if (folder_nstreams) {
+                                       g_free (folder_nstreams);
+                               }
+
                                folder_nstreams = g_malloc (sizeof (int) * num_folders);
 
                                for (i = 0; i < num_folders && p != NULL && p < end; i++) {
                                        p = rspamd_7zip_read_folder (task, p, end, arch,
                                                        &folder_nstreams[i], &num_digests);
                                }
-
-                               g_free (folder_nstreams);
                        }
                        break;
                case kCodersUnPackSize:
                        for (i = 0; i < num_folders && p != NULL && p < end; i++) {
                                if (folder_nstreams) {
                                        for (guint j = 0; j < folder_nstreams[i]; j++) {
-                                               guint64 tmp;
-
                                                SZ_READ_VINT (tmp); /* Unpacked size */
                                                msg_debug_archive ("7zip: unpacked size "
                                                                                   "(folder=%d, stream=%d) = %L",
@@ -1237,6 +1237,10 @@ end:
                *pnum_folders = num_folders;
        }
 
+       if (folder_nstreams) {
+               g_free (folder_nstreams);
+       }
+
        return p;
 }