github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixes regarding memory management

Browse Source 
Fixes assorted issues identified by valgrind.
This commit is contained in:
Felipe Zimmerle 2016-06-15 23:52:26 -03:00
parent cb91af537c
commit 9919026620
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
46 changed files with 234 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile.am
View File

@ -37,7 +37,7 @@ MAINTAINERCLEANFILES = \
depcomp
@VALGRIND_CHECK_RULES@
VALGRIND_SUPPRESSIONS_FILES = test/valgrind_suppressions.txt
VALGRIND_SUPPRESSIONS_FILES = valgrind_suppressions.txt
LOG_DRIVER = env $(SHELL) $(top_srcdir)/test/custom-test-driver
AM_TESTS_ENVIRONMENT=AUTOMAKE_TESTS=true; export AUTOMAKE_TESTS;

2
build/ax_valgrind_check.m4
View File

@ -201,7 +201,7 @@ VALGRIND_TESTS_ENVIRONMENT = \
G_SLICE=always-malloc,debug-blocks \
G_DEBUG=fatal-warnings,fatal-criticals,gc-friendly
VALGRIND_LOG_COMPILER = test/test-suite.sh
VALGRIND_LOG_COMPILER = test/test-suite.sh $(VALGRIND_SUPPRESSIONS) $(VALGRIND_FLAGS)
# $(valgrind_lt) \
# $(VALGRIND) $(VALGRIND_SUPPRESSIONS) --error-exitcode=1 $(VALGRIND_FLAGS)

1
headers/modsecurity/collection/collection.h
View File

@ -39,6 +39,7 @@ namespace collection {
class Collection {
public:
virtual ~Collection() { };
virtual void store(std::string key, std::string value) = 0;
virtual bool storeOrUpdateFirst(const std::string &key,

2
headers/modsecurity/debug_log.h
View File

@ -36,7 +36,7 @@ class DebugLog {
: m_debugLevel(-1),
m_fileName("") { }
~DebugLog();
virtual ~DebugLog();
virtual void write(int level, const std::string &msg);
bool isLogFileSet();

2
headers/modsecurity/rules_properties.h
View File

@ -103,7 +103,7 @@ class RulesProperties {
*/
~RulesProperties() {
delete m_debugLog;
}
};
std::vector<Rule *> rules[7];
std::vector<Rule *> * getRulesForPhase(int phase) {

1
src/collection/collections.cc
View File

@ -51,6 +51,7 @@ Collections::~Collections() {
for (const auto &thing : *this) {
delete thing.second;
}
delete m_transient;
this->clear();
}

3
src/debug_log_writer.cc
View File

@ -40,17 +40,16 @@ void DebugLogWriter::open(const std::string& fileName) {
void DebugLogWriter::close(const std::string& fileName) {
#if 0
std::map<std::string, DebugLogWriterAgent *>::iterator it;
DebugLogWriterAgent *agent;
it = agents.find(fileName);
if (it != agents.end()) {
agent = it->second;
if (agent->refCountDecreaseAndCheck()) {
delete agent;
agents.erase(it);
}
}
#endif
}

1
src/debug_log_writer_agent.cc
View File

@ -33,7 +33,6 @@ DebugLogWriterAgent::DebugLogWriterAgent(const std::string& fileName) :
void DebugLogWriterAgent::write(const std::string& msg) {
if (!is_open()) {
std::cout << "Agent: " << m_fileName << ": " << msg << std::endl;
return;
}

1
src/debug_log_writer_agent.h
View File

@ -36,7 +36,6 @@ class DebugLogWriterAgent : public std::ofstream {
bool refCountDecreaseAndCheck() {
this->m_referenceCount--;
if (this->m_referenceCount == 0) {
delete this;
return true;
}
return false;

4
src/modsecurity.cc
View File

@ -66,6 +66,10 @@ ModSecurity::~ModSecurity() {
#ifdef WITH_GEOIP
Utils::GeoLookup::getInstance().cleanUp();
#endif
delete m_global_collection;
delete m_ip_collection;
delete m_session_collection;
delete m_user_collection;
}

4
src/operators/ip_match.cc
View File

@ -25,12 +25,12 @@ namespace modsecurity {
namespace operators {
bool IpMatch::init(const std::string &file, const char **error) {
bool IpMatch::init(const std::string &file, std::string *error) {
std::string e("");
bool res = m_tree.addFromBuffer(param, &e);
if (res == false) {
*error = e.c_str();
error->assign(e);
}
return res;

2
src/operators/ip_match.h
View File

@ -33,7 +33,7 @@ class IpMatch : public Operator {
bool evaluate(Transaction *transaction, const std::string &input) override;
bool init(const std::string &file, const char **error) override;
bool init(const std::string &file, std::string *error) override;
protected:
Utils::IpTree m_tree;

6
src/operators/ip_match_from_file.cc
View File

@ -15,6 +15,8 @@
#include "operators/ip_match_from_file.h"
#include <string.h>
#include <string>
#include "operators/operator.h"
@ -24,7 +26,7 @@ namespace operators {
bool IpMatchFromFile::init(const std::string &file,
const char **error) {
std::string *error) {
std::string e("");
bool res = false;
@ -35,7 +37,7 @@ bool IpMatchFromFile::init(const std::string &file,
}
if (res == false) {
*error = e.c_str();
error->assign(e);
}
return res;

2
src/operators/ip_match_from_file.h
View File

@ -29,7 +29,7 @@ class IpMatchFromFile : public IpMatch {
IpMatchFromFile(std::string op, std::string param, bool negation)
: IpMatch(op, param, negation) { }
bool init(const std::string& file, const char **error) override;
bool init(const std::string& file, std::string *error) override;
};
} // namespace operators

2
src/operators/operator.h
View File

@ -40,7 +40,7 @@ class Operator {
std::string param;
bool negation;
virtual bool init(const std::string &file, const char **error) {
virtual bool init(const std::string &file, std::string *error) {
return true;
}

5
src/operators/pm.cc
View File

@ -85,13 +85,14 @@ bool Pm::evaluate(Transaction *transaction, const std::string &input) {
}
bool Pm::init(const std::string &file, const char **error) {
bool Pm::init(const std::string &file, std::string *error) {
std::vector<std::string> vec;
std::istringstream *iss;
const char *err = NULL;
replaceAll(param, "\\", "\\\\");
char *content = parse_pm_content(param.c_str(), param.length(), error);
char *content = parse_pm_content(param.c_str(), param.length(), &err);
if (content == NULL) {
iss = new std::istringstream(param);
} else {

2
src/operators/pm.h
View File

@ -39,7 +39,7 @@ class Pm : public Operator {
const std::string& to);
bool evaluate(Transaction *transaction, const std::string &input) override;
bool init(const std::string &file, const char **error) override;
bool init(const std::string &file, std::string *error) override;
void postOrderTraversal(acmp_btree_node_t *node);
protected:

8
src/operators/pm_from_file.cc
View File

@ -25,14 +25,14 @@ namespace modsecurity {
namespace operators {
bool PmFromFile::init(const std::string &config, const char **error) {
bool PmFromFile::init(const std::string &config, std::string *error) {
std::istream *iss;
if (param.compare(0, 8, "https://") == 0) {
Utils::HttpsClient client;
bool ret = client.download(param);
if (ret == false) {
*error = client.error.c_str();
error->assign(client.error);
return false;
}
iss = new std::stringstream(client.content);
@ -41,7 +41,7 @@ bool PmFromFile::init(const std::string &config, const char **error) {
iss = new std::ifstream(resource, std::ios::in);
if (((std::ifstream *)iss)->is_open() == false) {
*error = std::string("Failed to open file: " + param).c_str();
error->assign("Failed to open file: " + param);
delete iss;
return false;
}
@ -51,7 +51,7 @@ bool PmFromFile::init(const std::string &config, const char **error) {
acmp_add_pattern(m_p, line.c_str(), NULL, NULL, line.length());
}
acmp_prepare(m_p);
//acmp_prepare(m_p);
delete iss;
return true;

2
src/operators/pm_from_file.h
View File

@ -31,7 +31,7 @@ class PmFromFile : public Pm {
PmFromFile(std::string op, std::string param, bool negation)
: Pm(op, param, negation) { }
bool init(const std::string &file, const char **error) override;
bool init(const std::string &file, std::string *error) override;
};

3
src/operators/rx.h
View File

@ -40,6 +40,9 @@ class Rx : public Operator {
m_re = new Regex(param);
}
~Rx() {
delete m_re;
}
bool evaluate(Transaction *transaction, const std::string &input);
private:

26
src/operators/validate_byte_range.cc
View File

@ -23,7 +23,7 @@ namespace modsecurity {
namespace operators {
bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
const char **error) {
std::string *error) {
size_t pos = param.find_first_of("-");
int start;
int end;
@ -32,8 +32,8 @@ bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
try {
start = std::stoi(rangeRepresentation);
} catch(...) {
*error = ("Not able to convert '" + rangeRepresentation +
"' into a number").c_str();
error->assign("Not able to convert '" + rangeRepresentation +
"' into a number");
return false;
}
table[start >> 3] = (table[start >> 3] | (1 << (start & 0x7)));
@ -43,9 +43,9 @@ bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
try {
start = std::stoi(std::string(rangeRepresentation, 0, pos));
} catch (...) {
*error = ("Not able to convert '" +
error->assign("Not able to convert '" +
std::string(rangeRepresentation, 0, pos) +
"' into a number").c_str();
"' into a number");
return false;
}
@ -53,24 +53,24 @@ bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
end = std::stoi(std::string(rangeRepresentation, pos + 1,
rangeRepresentation.length() - (pos + 1)));
} catch (...) {
*error = ("Not able to convert '" + std::string(rangeRepresentation,
error->assign("Not able to convert '" + std::string(rangeRepresentation,
pos + 1, rangeRepresentation.length() - (pos + 1)) +
"' into a number").c_str();
"' into a number");
return false;
}
if ((start < 0) || (start > 255)) {
*error = ("Invalid range start value: " +
std::to_string(start)).c_str();
error->assign("Invalid range start value: " +
std::to_string(start));
return false;
}
if ((end < 0) || (end > 255)) {
*error = ("Invalid range end value: " + std::to_string(end)).c_str();
error->assign("Invalid range end value: " + std::to_string(end));
return false;
}
if (start > end) {
*error = ("Invalid range: " + std::to_string(start) + "-" +
std::to_string(end)).c_str();
error->assign("Invalid range: " + std::to_string(start) + "-" +
std::to_string(end));
return false;
}
@ -84,7 +84,7 @@ bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
bool ValidateByteRange::init(const std::string &file,
const char **error) {
std::string *error) {
size_t pos = param.find_first_of(",");
if (pos == std::string::npos) {

4
src/operators/validate_byte_range.h
View File

@ -37,8 +37,8 @@ class ValidateByteRange : public Operator {
~ValidateByteRange() override { }
bool evaluate(Transaction *transaction, const std::string &input) override;
bool getRange(const std::string &rangeRepresentation, const char **error);
bool init(const std::string& file, const char **error) override;
bool getRange(const std::string &rangeRepresentation, std::string *error);
bool init(const std::string& file, std::string *error) override;
private:
std::vector<std::string> ranges;
char table[32];

5
src/operators/validate_dtd.cc
View File

@ -25,11 +25,10 @@ namespace modsecurity {
namespace operators {
bool ValidateDTD::init(const std::string &file, const char **error) {
bool ValidateDTD::init(const std::string &file, std::string *error) {
m_resource = find_resource(param, file);
if (m_resource == "") {
std::string f("XML: File not found: " + param + ".");
*error = strdup(f.c_str());
error->assign("XML: File not found: " + param + ".");
return false;
}

2
src/operators/validate_dtd.h
View File

@ -44,7 +44,7 @@ class ValidateDTD : public Operator {
}
bool evaluate(Transaction *transaction, const std::string &str) override;
bool init(const std::string &file, const char **error) override;
bool init(const std::string &file, std::string *error) override;
static void error_runtime(void *ctx, const char *msg, ...) {

5
src/operators/validate_schema.cc
View File

@ -25,11 +25,10 @@
namespace modsecurity {
namespace operators {
bool ValidateSchema::init(const std::string &file, const char **error) {
bool ValidateSchema::init(const std::string &file, std::string *error) {
m_resource = find_resource(param, file);
if (m_resource == "") {
std::string f("XML: File not found: " + param + ".");
*error = strdup(f.c_str());
error->assign("XML: File not found: " + param + ".");
return false;
}

2
src/operators/validate_schema.h
View File

@ -52,7 +52,7 @@ class ValidateSchema : public Operator {
}
bool evaluate(Transaction *transaction, const std::string &str) override;
bool init(const std::string &file, const char **error) override;
bool init(const std::string &file, std::string *error) override;
static void error_load(void *ctx, const char *msg, ...) {

4
src/operators/verify_cc.cc
View File

@ -69,7 +69,7 @@ int VerifyCC::luhnVerify(const char *ccnumber, int len) {
bool VerifyCC::init(const std::string &param2, const char **error) {
bool VerifyCC::init(const std::string &param2, std::string *error) {
const char *errptr = NULL;
int erroffset = 0;
@ -78,7 +78,7 @@ bool VerifyCC::init(const std::string &param2, const char **error) {
m_pce = pcre_study(m_pc, PCRE_STUDY_JIT_COMPILE, &errptr);
if ((m_pc == NULL) || (m_pce == NULL)) {
*error = errptr;
error->assign(errptr);
return false;
}

2
src/operators/verify_cc.h
View File

@ -34,7 +34,7 @@ class VerifyCC : public Operator {
int luhnVerify(const char *ccnumber, int len);
bool evaluate(Transaction *transaction, const std::string &input) override;
bool init(const std::string &param, const char **error) override;
bool init(const std::string &param, std::string *error) override;
private:
pcre *m_pc;
pcre_extra *m_pce;

6
src/parser/seclang-parser.yy
View File

@ -429,7 +429,7 @@ op:
OPERATOR
{
Operator *op = Operator::instantiate($1);
const char *error = NULL;
std::string error;
if (op->init(driver.ref.back(), &error) == false) {
driver.error(@0, error);
YYERROR;
@ -440,7 +440,7 @@ op:
{
#ifdef WITH_GEOIP
Operator *op = Operator::instantiate($1);
const char *error = NULL;
std::string error;
if (op->init(driver.ref.back(), &error) == false) {
driver.error(@0, error);
YYERROR;
@ -459,7 +459,7 @@ op:
text.pop_back();
text.erase(0, 1);
Operator *op = Operator::instantiate("\"@rx " + text + "\"");
const char *error = NULL;
std::string error;
if (op->init(driver.ref.back(), &error) == false) {
driver.error(@0, error);
YYERROR;

19
src/request_body_processor/multipart.cc
View File

@ -92,9 +92,17 @@ Multipart::~Multipart() {
}
}
while (!m_parts.empty()) {
m_parts.pop_front();
while (m_parts.empty() == false) {
auto *a = m_parts.back();
m_parts.pop_back();
delete a;
}
if (m_mpp != NULL) {
delete m_mpp;
m_mpp = NULL;
}
}
@ -734,9 +742,13 @@ int Multipart::process_part_header() {
return false;
}
m_mpp->m_headers.insert({header_name, header_value});
m_mpp->m_last_header_name.assign(header_name);
m_mpp->m_headers.emplace(
std::string(header_name), std::string(header_value));
debug(9, "Multipart: Added part header \"" + header_name \
+ "\" \"" + header_value + "\".");
}
@ -784,6 +796,7 @@ int Multipart::process_boundary(int last_part) {
debug(3, "Multipart: Skipping invalid part (part name missing): "
"(offset " + std::to_string(m_mpp->m_offset) + ", length "
+ std::to_string(m_mpp->m_length) + ")");
delete m_mpp;
}
m_mpp = NULL;

7
src/request_body_processor/multipart.h
View File

@ -54,13 +54,18 @@ struct MyEqual {
class MultipartPart {
public:
MultipartPart()
MultipartPart()
: m_type(MULTIPART_FORMDATA),
m_tmp_file_fd(0),
m_tmp_file_size(0),
m_offset(0),
m_length(0) { }
~MultipartPart () {
m_headers.clear();
m_value_parts.clear();
}
/* part type, can be MULTIPART_FORMDATA or MULTIPART_FILE */
int m_type;

1
src/rule.cc
View File

@ -309,6 +309,7 @@ bool Rule::evaluate(Transaction *trasn) {
variable->evaluateInternal(trasn, this, &z);
for (auto &y : z) {
exclusions.push_back(y->m_key);
delete y;
}
exclusions.push_back(variable->m_name);
}

13
src/rules.cc
View File

@ -78,6 +78,8 @@ void Rules::decrementReferenceCount(void) {
Rules::~Rules() {
int i = 0;
/** Cleanup the rules */
for (int i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<Rule *> rules = this->rules[i];
@ -87,10 +89,20 @@ Rules::~Rules() {
rules.pop_back();
}
}
for (i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<actions::Action *> *tmp = &defaultActions[i];
while (tmp->empty() == false) {
actions::Action *a = tmp->back();
tmp->pop_back();
delete a;
}
}
/** Cleanup audit log */
if (audit_log) {
audit_log->refCountDecreaseAndCheck();
}
free(unicode_map_table);
}
@ -128,6 +140,7 @@ int Rules::load(const char *file, const std::string &ref) {
if (driver->parse(file, ref) == false) {
parserError << driver->parserError.str();
delete driver;
return -1;
}
int rules = this->merge(driver);

2
src/transaction.cc
View File

@ -1395,6 +1395,7 @@ std::string Transaction::toJSON(int parts) {
m_collections.m_transient->resolveMultiMatches("REQUEST_HEADERS", &l);
for (auto h : l) {
LOGFY_ADD(h->m_key.c_str(), h->m_value.c_str());
delete h;
}
/* end: request headers */
@ -1424,6 +1425,7 @@ std::string Transaction::toJSON(int parts) {
m_collections.m_transient->resolveMultiMatches("RESPONSE_HEADERS", &l);
for (auto h : l) {
LOGFY_ADD(h->m_key.c_str(), h->m_value.c_str());
delete h;
}
/* end: response headers */

2
src/utils/acmp.cc
View File

@ -569,4 +569,4 @@ int acmp_process_quick(ACMPT *acmpt, const char **match, const char *data, size_
return 0;
}
}
}

28
src/utils/ip_tree.cc
View File

@ -39,50 +39,57 @@ void IpTree::postOrderTraversal(TreeNode *node) {
postOrderTraversal(node->right);
if (node->netmasks) {
delete node->netmasks;
free(node->netmasks);
node->netmasks = NULL;
}
if (node->prefix) {
if (node->prefix->buffer) {
delete node->prefix->buffer;
free(node->prefix->buffer);
node->prefix->buffer = NULL;
}
if (node->prefix->prefix_data) {
delete node->prefix->prefix_data;
free(node->prefix->prefix_data);
node->prefix->prefix_data = NULL;
}
delete node->prefix;
free(node->prefix);
node->prefix = NULL;
}
delete node;
free(node);
node = NULL;
}
IpTree::IpTree() {
// FIXME: deal with possible error.
char *error;
create_radix_tree(&m_tree, &error);
}
IpTree::~IpTree() {
if (m_tree != NULL) {
if (m_tree->ipv4_tree != NULL) {
// Tree_traversal: Post-order to delete all the items.
postOrderTraversal(m_tree->ipv4_tree->head);
delete m_tree->ipv4_tree;
free(m_tree->ipv4_tree);
m_tree->ipv4_tree = NULL;
}
if (m_tree->ipv6_tree != NULL) {
// Tree_traversal: Post-order to delete all the items.
postOrderTraversal(m_tree->ipv6_tree->head);
delete m_tree->ipv6_tree;
free(m_tree->ipv6_tree);
m_tree->ipv6_tree = NULL;
}
delete m_tree;
free(m_tree);
m_tree = NULL;
}
}
bool IpTree::addFromBuffer(std::istream *ss, std::string *error) {
char *error_msg = NULL;
for (std::string line; std::getline(*ss, line); ) {
int res = ip_tree_from_param(line.c_str(), &m_tree, &error_msg);
int res = add_ip_from_param(line.c_str(), &m_tree, &error_msg);
if (res != 0) {
if (error_msg != NULL) {
error->assign(error_msg);
@ -98,7 +105,6 @@ bool IpTree::addFromBuffer(std::istream *ss, std::string *error) {
bool IpTree::addFromBuffer(const std::string& buffer, std::string *error) {
std::stringstream ss;
ss << buffer;
return addFromBuffer(&ss, error);
}

3
src/utils/ip_tree.h
View File

@ -30,8 +30,7 @@ namespace Utils {
class IpTree {
public:
IpTree()
: m_tree(NULL) { }
IpTree();
~IpTree();
bool contains(const std::string &ip);

38
src/utils/msc_tree.cc
View File

@ -958,6 +958,44 @@ int tree_contains_ip(TreeRoot *rtree,
return 0;
}
int add_ip_from_param(
const char *param, TreeRoot **rtree, char **error_msg)
{
char *param_copy = strdup(param);
char *saved = NULL;
char *str = NULL;
TreeNode *tnode = NULL;
str = strtok_r(param_copy, ",", &saved);
while (str != NULL)
{
if (strchr(str, ':') == NULL)
{
tnode = TreeAddIP(str, (*rtree)->ipv4_tree, IPV4_TREE);
}
else
{
tnode = TreeAddIP(str, (*rtree)->ipv6_tree, IPV6_TREE);
}
if (tnode == NULL)
{
//*error_msg = apr_psprintf("Could not add entry " \
// "\"%s\" from: %s.", str, param);
free(param_copy);
return -1;
}
str = strtok_r(NULL, ",", &saved);
}
free(param_copy);
return 0;
}
int ip_tree_from_param(
const char *param, TreeRoot **rtree, char **error_msg)
{

1
src/utils/msc_tree.h
View File

@ -97,6 +97,7 @@ unsigned char is_netmask_v6(char *ip_strv6);
int tree_contains_ip(TreeRoot *rtree,
const char *value, char **error_msg);
int add_ip_from_param(const char *param, TreeRoot **rtree, char **error_msg);
int ip_tree_from_param(const char *param, TreeRoot **rtree, char **error_msg);
int create_radix_tree(TreeRoot **rtree, char **error_msg);
}

13
src/utils/regex.cc
View File

@ -45,6 +45,19 @@ Regex::Regex(const std::string& pattern_)
m_pce = pcre_study(m_pc, PCRE_STUDY_JIT_COMPILE, &errptr);
}
Regex::~Regex() {
if (m_pc != NULL) {
pcre_free(m_pc);
m_pc = NULL;
}
if (m_pce != NULL) {
pcre_free_study(m_pce);
m_pce = NULL;
}
}
int regex_search(const std::string& s, SMatch *match,
const Regex& regex) {
int ovector[OVECCOUNT];

1
src/utils/regex.h
View File

@ -31,6 +31,7 @@ namespace Utils {
class Regex {
public:
explicit Regex(const std::string& pattern_);
~Regex();
std::string pattern;
pcre *m_pc = NULL;
pcre_extra *m_pce = NULL;

2
test/regression/custom_debug_log.cc
View File

@ -27,6 +27,7 @@ CustomDebugLog *CustomDebugLog::new_instance() {
return new CustomDebugLog();
}
CustomDebugLog::~CustomDebugLog() { }
void CustomDebugLog::write(int level, const std::string& message) {
m_log << "[" << level << "] " << message << std::endl;
@ -35,7 +36,6 @@ void CustomDebugLog::write(int level, const std::string& message) {
bool CustomDebugLog::contains(const std::string& pattern) {
modsecurity::Utils::Regex re(pattern);
modsecurity::Utils::SMatch match;
std::string s = m_log.str();
return modsecurity::Utils::regex_search(s, re);
}

1
test/regression/custom_debug_log.h
View File

@ -26,6 +26,7 @@ namespace modsecurity_test {
class CustomDebugLog : public modsecurity::DebugLog {
public:
CustomDebugLog *new_instance();
~CustomDebugLog();
void write(int level, const std::string& message) override;
bool contains(const std::string& pattern);

28
test/regression/regression.cc
View File

@ -134,6 +134,11 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
std::cout << KCYN << "skipped!" << RESET << std::endl;
}
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
}
@ -156,6 +161,11 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
<< std::endl;
testRes->passed = false;
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
}
@ -174,6 +184,11 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
testRes->reason << KGRN << "passed!" << RESET << std::endl;
testRes->passed = true;
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
} else {
/* Parser error was expected, but with a different content */
@ -193,6 +208,11 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
<< s << std::endl;
testRes->passed = false;
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
}
} else {
@ -210,6 +230,11 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
}
testRes->passed = false;
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
}
}
@ -340,7 +365,6 @@ after_debug_log:
int main(int argc, char **argv) {
ModSecurityTest<RegressionTest> test;
ModSecurityTestResults<RegressionTest> results;
int test_number = 0;
#ifdef WITH_GEOIP
@ -414,6 +438,7 @@ int main(int argc, char **argv) {
}
failed++;
}
delete r;
}
if (!test.m_automake_output) {
@ -439,6 +464,7 @@ int main(int argc, char **argv) {
}
delete vec;
}
#endif
return 0;
}

2
test/unit/unit.cc
View File

@ -47,7 +47,7 @@ void print_help() {
void perform_unit_test(ModSecurityTest<UnitTest> *test, UnitTest *t,
ModSecurityTestResults<UnitTest>* res) {
const char *error = NULL;
std::string error;
if (test->m_automake_output) {
std::cout << ":test-result: ";

35
test/valgrind_suppressions.txt
View File

@ -1,3 +1,26 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
match-leak-kinds: definite
fun:_Znwm
fun:_ZN11modsecurity9operators8Operator11instantiateENSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
fun:_ZN2yy14seclang_parser5parseEv
fun:_ZN11modsecurity6Parser6Driver5parseERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
fun:_ZN11modsecurity5Rules4loadEPKcRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
fun:_Z17perform_unit_testPN16modsecurity_test15ModSecurityTestINS_14RegressionTestEEEPSt6vectorIPS1_SaIS5_EEPNS_22ModSecurityTestResultsINS_20RegressionTestResultEEEPi
fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
match-leak-kinds: definite
fun:_Znwm
fun:_ZN2yy14seclang_parser5parseEv
fun:_ZN11modsecurity6Parser6Driver5parseERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
fun:_ZN11modsecurity5Rules4loadEPKcRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
fun:_Z17perform_unit_testPN16modsecurity_test15ModSecurityTestINS_14RegressionTestEEEPSt6vectorIPS1_SaIS5_EEPNS_22ModSecurityTestResultsINS_20RegressionTestResultEEEPi
fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
@ -73,4 +96,16 @@
fun:_Z17perform_unit_testPSt6vectorIPN16modsecurity_test14RegressionTestESaIS2_EEPNS0_22ModSecurityTestResultsIS1_EEPi
fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
match-leak-kinds: definite
fun:_Znwm
fun:_ZN11modsecurity7actions6Action11instantiateERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
fun:_ZN2yy14seclang_parser5parseEv
fun:_ZN11modsecurity6Parser6Driver5parseERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
fun:_ZN11modsecurity5Rules4loadEPKcRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
fun:_Z17perform_unit_testPN16modsecurity_test15ModSecurityTestINS_14RegressionTestEEEPSt6vectorIPS1_SaIS5_EEPNS_22ModSecurityTestResultsINS_20RegressionTestResultEEEPi
fun:main
}