From d6d4fa506b3a14038330e73e3e861dc9f64310eb Mon Sep 17 00:00:00 2001
From: Khangaroo
Date: Sun, 16 Oct 2022 21:02:45 -0400
Subject: [PATCH] Fix memory leaks and module instrumentation in frida_gdiplus (#841)
* Fix memory leaks and module instrumentation in frida_gdiplus
* Run clang-format
---
 fuzzers/frida_gdiplus/README.md | 2 +-
 fuzzers/frida_gdiplus/harness.cc | 15 +++++++++++++--
 2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/fuzzers/frida_gdiplus/README.md b/fuzzers/frida_gdiplus/README.md
index cccdefc352..8f205a2a63 100644
--- a/fuzzers/frida_gdiplus/README.md
+++ b/fuzzers/frida_gdiplus/README.md
@@ -6,4 +6,4 @@ Then compile the harness `cl.exe /LD harness.cc /link /dll gdiplus.lib ole32.lib
 ## Run
-To run the example `target\release\frida_gdiplus.exe -H harness.dll -i corpus -o output`
+To run the example `target\release\frida_gdiplus.exe -H harness.dll -i corpus -o output --libs-to-instrument gdi32.dll --libs-to-instrument gdi32full.dll --libs-to-instrument gdiplus.dll --libs-to-instrument WindowsCodecs.dll`
diff --git a/fuzzers/frida_gdiplus/harness.cc b/fuzzers/frida_gdiplus/harness.cc
index 11b363a388..e6f9836f3b 100644
--- a/fuzzers/frida_gdiplus/harness.cc
+++ b/fuzzers/frida_gdiplus/harness.cc
@@ -15,6 +15,19 @@ using namespace Gdiplus;
 GdiplusStartupInput gdiplusStartupInput;
 ULONG_PTR gdiplusToken;
+// Some DLLs are lazily loaded during image loading
+// FridaInstrumentationHelper doesn't instrument DLLs that are loaded after
+// init, so they're manually loaded here
+BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved) {
+ switch (fdwReason) {
+ case DLL_PROCESS_ATTACH:
+ LoadLibraryA("gdi32full.dll");
+ LoadLibraryA("WindowsCodecs.dll");
+ break;
+ }
+ return TRUE;
+}
+
 extern "C" __declspec(dllexport) int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 static DWORD init = 0;
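Review bot: The two `LoadLibraryA` calls in the new `DllMain` discard their return values, so when either module fails to load the harness still attaches normally and just runs without instrumentation of that module, which is invisible from the fuzzer side; `if (!LoadLibraryA("gdi32full.dll") || !LoadLibraryA("WindowsCodecs.dll")) return FALSE;` turns that into a visible harness load failure. Calling LoadLibrary from DllMain is also explicitly discouraged by the Windows loader documentation because it runs under the loader lock, so if the instrumentation helper really only sees modules present at its init, the comment should state that constraint, since the one-time `init` guard at the end of this hunk in `LLVMFuzzerTestOneInput` would otherwise be the safer place for these loads. Because both names are unqualified they go through the default DLL search order; `LoadLibraryExA(name, NULL, LOAD_LIBRARY_SEARCH_SYSTEM32)` pins them to the system directory, which is the conservative choice for a harness that is run from arbitrary working directories. `hinstDLL` and `lpvReserved` are unused and can be left unnamed. `LLVMFuzzerTestOneInput` continues past the end of the hunk.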
@@ -34,8 +47,6 @@ extern "C" __declspec(dllexport) int LLVMFuzzerTestOneInput(const uint8_t *data, Gdiplus::Bitmap *m_pBitmap = Gdiplus::Bitmap::FromStream(pStream); pStream->Release(); if (m_pBitmap) { - if (m_pBitmap->GetLastStatus() == Gdiplus::Ok) return true; - delete m_pBitmap; m_pBitmap = NULL; }
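Review bot: After this change `m_pBitmap = NULL;` is a dead store: `m_pBitmap` is declared two lines earlier as a local of this function via `FromStream`, nothing visible in the hunk reads it after the `delete`, and (reading the 8→6 line counts as dropping the early `return true` plus a blank line, so `delete m_pBitmap;` stays) the block now unconditionally frees the bitmap. The leak being closed is the classic raw-owning-pointer one and is much harder to reintroduce if ownership is typed: `std::unique_ptr<Gdiplus::Bitmap> bitmap(Gdiplus::Bitmap::FromStream(pStream));` in place of the raw declaration (with `<memory>` included) replaces the whole `if (m_pBitmap) { ... }` block and also covers any early `return` added later. The old code returned `true` only when `GetLastStatus() == Gdiplus::Ok`; the value the function returns now lies outside the hunk, so it is worth confirming it is still what the fuzzer loop expects and that a successfully decoded bitmap is still exercised before being freed. The enclosing `LLVMFuzzerTestOneInput` starts and ends outside this hunk.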