prevent cyclic loops in sigopts_handler

preventing memory leaks in yara sigs

libclamav/readdb.c

@@ -120,9 +120,10 @@ static int sigopts_handler(struct cli_matcher *root, const char *virname, const
     char *hexcpy;
     int i, ret = CL_SUCCESS;
 
-    cli_errmsg("%s: %s %02x\n", virname, hexsig, sigopts);
+    /* prevent cyclic loops with cli_parse_add on same hexsig
-
+     * cyclic loops should be impossible though
-    if (sigopts && !(sigopts & ACPATT_OPTION_ONCE)) {
+     */
+    if (!(sigopts & ACPATT_OPTION_ONCE)) {
         hexcpy = cli_strdup(hexsig);
         if (!hexcpy)
             return CL_EMEM;
@@ -211,12 +212,15 @@ static int sigopts_handler(struct cli_matcher *root, const char *virname, const
                 return ret;
             }
         }
+
+        /* ASCII sigopt; NOCASE sigopt is handled in cli_ac_addsig */
+        ret = cli_parse_add(root, virname, hexcpy, sigopts, rtype, type, offset, target, lsigid, options);
+        free(hexcpy);
+        return ret;
     }
 
-    /* NOCASE sigopt is handled in cli_ac_addsig */
+    cli_errmsg("sigopts_handler: invalidly called multiple times!\n");
-    ret = cli_parse_add(root, virname, hexcpy, sigopts, rtype, type, offset, target, lsigid, options);
+    return CL_EPARSE;
-    free(hexcpy);
-    return ret;
 }
 
 #define PCRE_TOKENS 4
@@ -3496,6 +3500,11 @@ static int load_oneyara(YR_RULE *rule, struct cl_engine *engine, unsigned int op
                     (ytable.table[i]->sigopts & ACPATT_OPTION_ASCII) ? "a" : "");
 
         if((ret = sigopts_handler(root, rule->id, ytable.table[i]->hexstr, ytable.table[i]->sigopts, 0, 0, ytable.table[i]->offset, target, lsigid, options)) != CL_SUCCESS) {
+            root->ac_lsigs--;
+            FREE_TDB(tdb);
+            ytable_delete(&ytable);
+            mpool_free(engine->mempool, lsig);
+
             yara_malform++;
             return ret;
         }