PowerShellMafia/PowerSploit

Memory leak with CSList::ThrowAll() in NTFS_Common.h

Opened this issue · 0 comments

I found a mistake in the use (or implementation) of CSList::ThrowAll(). With ThrowAll() you want to give the responsibility for freeing memory to the object that the list is assigned to. But in your InsertEntry() function, only the pointer to ENTRY_TYPE is assigned, not the pointer to NTSLIST_ENTRY, and those pointers will never be freed.

BOOL InsertEntry(ENTRY_TYPE *entry)
{
	NTSLIST_ENTRY<ENTRY_TYPE> *le = new NTSLIST_ENTRY<ENTRY_TYPE>;
	if (!le)
		return FALSE;

	le->Entry = entry;
	le->Next = NULL;

	if (ListTail == NULL)
		ListHead = le;	// Empty list
	else
		ListTail->Next = le;

	ListTail = le;

	EntryCount++;
	return TRUE;
}

So in ThrowAll(), you must free the NTSLIST_ENTRY before throwing all to NULL.

__inline void ThrowAll()
{
	// My fix
	while (ListHead)
	{
		ListCurrent = ListHead->Next;
		ListHead->Entry = NULL;
		delete ListHead;

		ListHead = ListCurrent;
	}
	// End my fix
	ListHead = ListTail = NULL;
	ListCurrent = NULL;
	EntryCount = 0;
}
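
The leak described in this issue, reproduced as an added example that is not part of the original post or of the project's code. `DemoList`, `Node` and the `g_liveNodes` counter are hypothetical simplifications of CSList and NTSLIST_ENTRY, used only to make the surviving allocations countable.

```cpp
#include <cstddef>

// Hypothetical stand-in for NTSLIST_ENTRY; counts live nodes so a leak is observable.
static int g_liveNodes = 0;

template <class T>
struct Node {
    Node *Next = nullptr;
    T *Entry = nullptr;
    Node() { ++g_liveNodes; }
    ~Node() { --g_liveNodes; }
};

template <class T>
class DemoList {
    Node<T> *Head = nullptr, *Tail = nullptr;
    int Count = 0;
public:
    void InsertEntry(T *entry) {
        Node<T> *n = new Node<T>;   // the list allocates the node itself
        n->Entry = entry;           // only the entry pointer comes from the caller
        if (Tail) Tail->Next = n; else Head = n;
        Tail = n;
        ++Count;
    }
    // Behaviour reported in the issue: pointers are reset, nodes are never deleted.
    void ThrowAllLeaky() { Head = Tail = nullptr; Count = 0; }
    // Behaviour of the proposed fix: delete each node, leave entries to their new owner.
    void ThrowAllFixed() {
        while (Head) {
            Node<T> *next = Head->Next;
            Head->Entry = nullptr;  // entry ownership has moved elsewhere
            delete Head;
            Head = next;
        }
        Tail = nullptr;
        Count = 0;
    }
};

// Returns how many list nodes are still allocated after three entries are handed off.
int liveNodesAfterThrow(bool useFix) {
    g_liveNodes = 0;
    int a = 1, b = 2, c = 3;        // constructed entries, owned by the caller
    DemoList<int> list;
    list.InsertEntry(&a); list.InsertEntry(&b); list.InsertEntry(&c);
    if (useFix) list.ThrowAllFixed(); else list.ThrowAllLeaky();
    return g_liveNodes;
}

int main() { return (liveNodesAfterThrow(false) == 3 && liveNodesAfterThrow(true) == 0) ? 0 : 1; }
```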