From 9b91799591d1d9d3f6597d011aa38c9c73547c84 Mon Sep 17 00:00:00 2001
From: pancake <pancake@nopcode.org>
Date: Wed, 30 May 2018 17:26:04 +0200
Subject: [PATCH] Fix memleak and null deref in types

---
 libr/core/anal_tp.c | 1 +
 libr/util/ctype.c   | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/libr/core/anal_tp.c b/libr/core/anal_tp.c
index 9608748587..454dc32fa8 100644
--- a/libr/core/anal_tp.c
+++ b/libr/core/anal_tp.c
@@ -216,6 +216,7 @@ R_API void r_core_anal_type_match(RCore *core, RAnalFunction *fcn) {
 		int *previnstr = calloc (MAXINSTR + 1, sizeof (int));
 		if (!previnstr) {
 			eprintf ("Cannot allocate %d byte(s)\n", MAXINSTR + 1);
+			free (buf);
 			return;
 		}
 		r_cons_break_push (NULL, NULL);
diff --git a/libr/util/ctype.c b/libr/util/ctype.c
index e037476ef3..c4c6de5ac5 100644
--- a/libr/util/ctype.c
+++ b/libr/util/ctype.c
@@ -481,6 +481,9 @@ R_API char *r_type_func_guess(Sdb *TDB, char *func_name) {
 	// also try module.dll_function and function_number
 	if ((first = strchr (str, '_'))) {
 		last = (char *)r_str_lchr (first, '_');
+		if (!last) {
+			goto out;
+		}
 		// middle + suffix or right half
 		if ((result = type_func_try_guess (TDB, first + 1))) {
 			goto out;