github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Resolve memory leak (bison-generated position.filename)

Browse Source
This commit is contained in:
Martin Vierula 2023-02-14 15:19:54 -08:00
parent ea80d31667
commit 55d6aa94e1
7 changed files with 953 additions and 943 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/parser/driver.cc
View File

@ -34,6 +34,7 @@ Driver::Driver()
Driver::~Driver() { Driver::~Driver() {
while (loc.empty() == false) { while (loc.empty() == false) {
yy::location *a = loc.back(); yy::location *a = loc.back();
loc.pop_back(); loc.pop_back();
@ -129,9 +130,11 @@ int Driver::parse(const std::string &f, const std::string &ref) {
m_lastRule = nullptr; m_lastRule = nullptr;
loc.push_back(new yy::location()); loc.push_back(new yy::location());
if (ref.empty()) { if (ref.empty()) {
loc.back()->begin.filename = loc.back()->end.filename = new std::string("<<reference missing or not informed>>"); m_filenames.push_back("<<reference missing or not informed>>");
loc.back()->begin.filename = loc.back()->end.filename = &(m_filenames.back());
} else { } else {
loc.back()->begin.filename = loc.back()->end.filename = new std::string(ref); m_filenames.push_back(ref);
loc.back()->begin.filename = loc.back()->end.filename = &(m_filenames.back());
} }
if (f.empty()) { if (f.empty()) {

15
src/parser/driver.h
View File

@ -53,14 +53,6 @@ typedef struct Driver_t Driver;
#endif #endif
/**
*
* FIXME: There is a memory leak in the filename at yy::location.
* The filename should be converted into a shared string to
* save memory or be associated with the life cycle of the
* driver class.
*
**/
class Driver : public RulesSetProperties { class Driver : public RulesSetProperties {
public: public:
Driver(); Driver();
@ -92,6 +84,13 @@ class Driver : public RulesSetProperties {
RuleWithActions *m_lastRule; RuleWithActions *m_lastRule;
RulesSetPhases m_rulesSetPhases; RulesSetPhases m_rulesSetPhases;
// Retain a list of new'd filenames so that they are available during the lifetime
// of the Driver object, but so that they will get cleaned up by the Driver
// destructor. This is to resolve a memory leak of yy.position.filename in location.hh.
// Ordinarily other solutions would have been preferable, but location.hh is a
// bison-generated file, which makes some alternative solutions impractical.
std::list<std::string> m_filenames;
}; };

1839
src/parser/seclang-parser.cc
View File

File diff suppressed because it is too large Load Diff

3
src/parser/seclang-parser.yy
View File

@ -319,7 +319,8 @@ using namespace modsecurity::operators;
%initial-action %initial-action
{ {
// Initialize the initial location. // Initialize the initial location.
@$.begin.filename = @$.end.filename = new std::string(driver.file); driver.m_filenames.push_back(driver.file);
@$.begin.filename = @$.end.filename = &(driver.m_filenames.back());
}; };
%define parse.trace %define parse.trace
%define parse.error verbose %define parse.error verbose

21
src/parser/seclang-scanner.cc
View File

@ -5106,7 +5106,7 @@ static const flex_int16_t yy_rule_linenum[544] =
1177, 1178, 1179, 1180, 1182, 1183, 1184, 1185, 1187, 1188, 1177, 1178, 1179, 1180, 1182, 1183, 1184, 1185, 1187, 1188,
1189, 1190, 1192, 1194, 1195, 1197, 1198, 1199, 1200, 1202, 1189, 1190, 1192, 1194, 1195, 1197, 1198, 1199, 1200, 1202,
1207, 1208, 1209, 1213, 1214, 1215, 1220, 1222, 1223, 1224, 1207, 1208, 1209, 1213, 1214, 1215, 1220, 1222, 1223, 1224,
1243, 1271, 1301 1243, 1272, 1303
} ; } ;
/* The intent behind this definition is that it'll catch /* The intent behind this definition is that it'll catch
@ -8546,7 +8546,8 @@ YY_RULE_SETUP
std::string err; std::string err;
std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err); std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err);
driver.loc.push_back(new yy::location()); driver.loc.push_back(new yy::location());
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(f); driver.m_filenames.push_back(f);
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = &(driver.m_filenames.back());
yyin = fopen(f.c_str(), "r" ); yyin = fopen(f.c_str(), "r" );
if (!yyin) { if (!yyin) {
BEGIN(INITIAL); BEGIN(INITIAL);
@ -8560,7 +8561,7 @@ YY_RULE_SETUP
YY_BREAK YY_BREAK
case 542: case 542:
YY_RULE_SETUP YY_RULE_SETUP
#line 1271 "seclang-scanner.ll" #line 1272 "seclang-scanner.ll"
{ {
std::string err; std::string err;
const char *tmpStr = yytext + strlen("include"); const char *tmpStr = yytext + strlen("include");
@ -8577,7 +8578,8 @@ YY_RULE_SETUP
for (auto& s: files) { for (auto& s: files) {
std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err); std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err);
driver.loc.push_back(new yy::location()); driver.loc.push_back(new yy::location());
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(f); driver.m_filenames.push_back(f);
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = &(driver.m_filenames.back());
yyin = fopen(f.c_str(), "r" ); yyin = fopen(f.c_str(), "r" );
if (!yyin) { if (!yyin) {
@ -8594,7 +8596,7 @@ YY_RULE_SETUP
case 543: case 543:
/* rule 543 can match eol */ /* rule 543 can match eol */
YY_RULE_SETUP YY_RULE_SETUP
#line 1301 "seclang-scanner.ll" #line 1303 "seclang-scanner.ll"
{ {
HttpsClient c; HttpsClient c;
std::string key; std::string key;
@ -8610,7 +8612,8 @@ YY_RULE_SETUP
c.setKey(key); c.setKey(key);
driver.loc.push_back(new yy::location()); driver.loc.push_back(new yy::location());
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(url); driver.m_filenames.push_back(url);
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = &(driver.m_filenames.back());
YY_BUFFER_STATE temp = YY_CURRENT_BUFFER; YY_BUFFER_STATE temp = YY_CURRENT_BUFFER;
yypush_buffer_state(temp); yypush_buffer_state(temp);
@ -8632,10 +8635,10 @@ YY_RULE_SETUP
YY_BREAK YY_BREAK
case 544: case 544:
YY_RULE_SETUP YY_RULE_SETUP
#line 1337 "seclang-scanner.ll" #line 1340 "seclang-scanner.ll"
ECHO; ECHO;
YY_BREAK YY_BREAK
#line 8639 "seclang-scanner.cc" #line 8642 "seclang-scanner.cc"
case YY_END_OF_BUFFER: case YY_END_OF_BUFFER:
{ {
@ -9740,7 +9743,7 @@ void yyfree (void * ptr )
/* %ok-for-header */ /* %ok-for-header */
#line 1337 "seclang-scanner.ll" #line 1340 "seclang-scanner.ll"
namespace modsecurity { namespace modsecurity {

9
src/parser/seclang-scanner.ll
View File

@ -1255,7 +1255,8 @@ EQUALS_MINUS (?i:=\-)
std::string err; std::string err;
std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err); std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err);
driver.loc.push_back(new yy::location()); driver.loc.push_back(new yy::location());
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(f); driver.m_filenames.push_back(f);
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = &(driver.m_filenames.back());
yyin = fopen(f.c_str(), "r" ); yyin = fopen(f.c_str(), "r" );
if (!yyin) { if (!yyin) {
BEGIN(INITIAL); BEGIN(INITIAL);
@ -1283,7 +1284,8 @@ EQUALS_MINUS (?i:=\-)
for (auto& s: files) { for (auto& s: files) {
std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err); std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err);
driver.loc.push_back(new yy::location()); driver.loc.push_back(new yy::location());
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(f); driver.m_filenames.push_back(f);
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = &(driver.m_filenames.back());
yyin = fopen(f.c_str(), "r" ); yyin = fopen(f.c_str(), "r" );
if (!yyin) { if (!yyin) {
@ -1312,7 +1314,8 @@ EQUALS_MINUS (?i:=\-)
c.setKey(key); c.setKey(key);
driver.loc.push_back(new yy::location()); driver.loc.push_back(new yy::location());
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(url); driver.m_filenames.push_back(url);
driver.loc.back()->begin.filename = driver.loc.back()->end.filename = &(driver.m_filenames.back());
YY_BUFFER_STATE temp = YY_CURRENT_BUFFER; YY_BUFFER_STATE temp = YY_CURRENT_BUFFER;
yypush_buffer_state(temp); yypush_buffer_state(temp);

2
test/cppcheck_suppressions.txt
View File

@ -60,7 +60,7 @@ ctunullpointer:src/rule_with_operator.cc:135
ctunullpointer:src/rule_with_operator.cc:95 ctunullpointer:src/rule_with_operator.cc:95
passedByValue:src/variables/global.h:109 passedByValue:src/variables/global.h:109
passedByValue:src/variables/global.h:110 passedByValue:src/variables/global.h:110
passedByValue:src/parser/driver.cc:45 passedByValue:src/parser/driver.cc:46
passedByValue:test/common/modsecurity_test.cc:49 passedByValue:test/common/modsecurity_test.cc:49
passedByValue:test/common/modsecurity_test.cc:98 passedByValue:test/common/modsecurity_test.cc:98
unreadVariable:src/rule_with_operator.cc:219 unreadVariable:src/rule_with_operator.cc:219