Makes pm mutex optional via configuration flag

2025-08-13 13:26:01 +03:00 · 2017-09-07 22:23:34 -03:00 · 2017-09-07 22:23:34 -03:00 · 7d786b3350
commit 7d786b3350
parent 119a6fc074
4 changed files with 37 additions and 1 deletions
--- a/configure.ac
+++ b/configure.ac
@ -248,6 +248,23 @@ AC_ARG_ENABLE(parser-generation,
    [buildParser=false]
    )

+# Mutex
+AC_ARG_ENABLE(mutex-on-pm,
+    [AC_HELP_STRING([--enable-mutex-on-pm],[Treats pm operations as a critical section])],
+
+    [case "${enableval}" in
+        yes) mutexPm=true ;;
+        no)  mutexPm=false ;;
+        *) AC_MSG_ERROR(bad value ${enableval} for --enable-mutex-on-pm) ;;
+    esac],
+
+    [mutexPm=false]
+    )
+if test "$mutexPm" == "true"; then
+    MODSEC_MUTEX_ON_PM="-DMUTEX_ON_PM=1"
+    AC_SUBST(MODSEC_MUTEX_ON_PM)
+fi
+

 if test $buildParser = true; then
    AC_PROG_YACC
@ -287,6 +304,7 @@ fi

 AM_CONDITIONAL([EXAMPLES], [test $buildExamples = true])
 AM_CONDITIONAL([BUILD_PARSER], [test $buildParser = true])
+AM_CONDITIONAL([USE_MUTEX_ON_PM], [test $mutexPm = true])


 # General link options
@ -494,12 +512,20 @@ if test "$buildExamples" = "true"; then
 else
    echo "   + library examples                              ....disabled"
 fi
+
 if test "$buildParser" = "true"; then
    echo "   + Building parser                               ....enabled"
 else
    echo "   + Building parser                               ....disabled"
 fi

+if test "$mutexPm" = "true"; then
+    echo "   + Treating pm operations as critical section    ....enabled"
+else
+    echo "   + Treating pm operations as critical section    ....disabled"
+fi
+
+
 echo " "


--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -293,6 +293,7 @@ libmodsecurity_la_CPPFLAGS = \
 	$(GEOIP_CFLAGS) \
 	$(GLOBAL_CPPFLAGS) \
 	$(MODSEC_NO_LOGS) \
+	$(MODSEC_MUTEX_ON_PM) \
 	$(YAJL_CFLAGS) \
 	$(LMDB_CFLAGS) \
 	$(PCRE_CFLAGS) \
--- a/src/operators/pm.cc
+++ b/src/operators/pm.cc
@ -40,7 +40,9 @@ Pm::~Pm() {

    free(m_p);
    m_p = NULL;
+#ifdef MODSEC_MUTEX_ON_PM
    pthread_mutex_destroy(&m_lock);
+#endif
 }


@ -87,9 +89,13 @@ bool Pm::evaluate(Transaction *transaction, Rule *rule,
    pt.parser = m_p;
    pt.ptr = NULL;
    const char *match = NULL;
+#ifdef MODSEC_MUTEX_ON_PM
    pthread_mutex_lock(&m_lock);
+#endif
    rc = acmp_process_quick(&pt, &match, input.c_str(), input.length());
+#ifdef MODSEC_MUTEX_ON_PM
    pthread_mutex_unlock(&m_lock);
+#endif
    bool capture = rule && rule->getActionsByName("capture").size() > 0;

    if (rc > 0 && transaction) {
@ -116,8 +122,9 @@ bool Pm::init(const std::string &file, std::string *error) {
    std::istringstream *iss;
    const char *err = NULL;

+#ifdef MODSEC_MUTEX_ON_PM
    pthread_mutex_init(&m_lock, NULL);
-
+#endif
    char *content = parse_pm_content(m_param.c_str(), m_param.length(), &err);
    if (content == NULL) {
        iss = new std::istringstream(m_param);
--- a/src/operators/pm.h
+++ b/src/operators/pm.h
@ -56,8 +56,10 @@ class Pm : public Operator {
 protected:
    ACMP *m_p;

+#ifdef MODSEC_MUTEX_ON_PM
 private:
    pthread_mutex_t m_lock;
+#endif
 };