Fixes regarding memory management

Fixes assorted issues identified by valgrind.
2025-09-29 19:24:29 +03:00 · 2016-06-15 23:52:26 -03:00
parent cb91af537c
commit 9919026620
46 changed files with 234 additions and 73 deletions
--- a/src/operators/ip_match.cc
+++ b/src/operators/ip_match.cc
@@ -25,12 +25,12 @@ namespace modsecurity {
 namespace operators {


-bool IpMatch::init(const std::string &file, const char **error) {
+bool IpMatch::init(const std::string &file, std::string *error) {
    std::string e("");
    bool res = m_tree.addFromBuffer(param, &e);

    if (res == false) {
-        *error = e.c_str();
+        error->assign(e);
    }

    return res;
--- a/src/operators/ip_match.h
+++ b/src/operators/ip_match.h
@@ -33,7 +33,7 @@ class IpMatch : public Operator {

    bool evaluate(Transaction *transaction, const std::string &input) override;

-    bool init(const std::string &file, const char **error) override;
+    bool init(const std::string &file, std::string *error) override;

 protected:
    Utils::IpTree m_tree;
--- a/src/operators/ip_match_from_file.cc
+++ b/src/operators/ip_match_from_file.cc
@@ -15,6 +15,8 @@

 #include "operators/ip_match_from_file.h"

+#include <string.h>
+
 #include <string>

 #include "operators/operator.h"
@@ -24,7 +26,7 @@ namespace operators {


 bool IpMatchFromFile::init(const std::string &file,
-    const char **error) {
+    std::string *error) {
    std::string e("");
    bool res = false;

@@ -35,7 +37,7 @@ bool IpMatchFromFile::init(const std::string &file,
    }

    if (res == false) {
-        *error = e.c_str();
+        error->assign(e);
    }

    return res;
--- a/src/operators/ip_match_from_file.h
+++ b/src/operators/ip_match_from_file.h
@@ -29,7 +29,7 @@ class IpMatchFromFile : public IpMatch {
    IpMatchFromFile(std::string op, std::string param, bool negation)
        : IpMatch(op, param, negation) { }

-    bool init(const std::string& file, const char **error) override;
+    bool init(const std::string& file, std::string *error) override;
 };

 }  // namespace operators
--- a/src/operators/operator.h
+++ b/src/operators/operator.h
@@ -40,7 +40,7 @@ class Operator {
    std::string param;
    bool negation;

-    virtual bool init(const std::string &file, const char **error) {
+    virtual bool init(const std::string &file, std::string *error) {
        return true;
    }

--- a/src/operators/pm.cc
+++ b/src/operators/pm.cc
@@ -85,13 +85,14 @@ bool Pm::evaluate(Transaction *transaction, const std::string &input) {
 }


-bool Pm::init(const std::string &file, const char **error) {
+bool Pm::init(const std::string &file, std::string *error) {
    std::vector<std::string> vec;
    std::istringstream *iss;
+    const char *err = NULL;

    replaceAll(param, "\\", "\\\\");

-    char *content = parse_pm_content(param.c_str(), param.length(), error);
+    char *content = parse_pm_content(param.c_str(), param.length(), &err);
    if (content == NULL) {
        iss = new std::istringstream(param);
    } else {
--- a/src/operators/pm.h
+++ b/src/operators/pm.h
@@ -39,7 +39,7 @@ class Pm : public Operator {
        const std::string& to);
    bool evaluate(Transaction *transaction, const std::string &input) override;

-    bool init(const std::string &file, const char **error) override;
+    bool init(const std::string &file, std::string *error) override;
    void postOrderTraversal(acmp_btree_node_t *node);

 protected:
--- a/src/operators/pm_from_file.cc
+++ b/src/operators/pm_from_file.cc
@@ -25,14 +25,14 @@ namespace modsecurity {
 namespace operators {


-bool PmFromFile::init(const std::string &config, const char **error) {
+bool PmFromFile::init(const std::string &config, std::string *error) {
    std::istream *iss;

    if (param.compare(0, 8, "https://") == 0) {
        Utils::HttpsClient client;
        bool ret = client.download(param);
        if (ret == false) {
-            *error = client.error.c_str();
+            error->assign(client.error);
            return false;
        }
        iss = new std::stringstream(client.content);
@@ -41,7 +41,7 @@ bool PmFromFile::init(const std::string &config, const char **error) {
        iss = new std::ifstream(resource, std::ios::in);

        if (((std::ifstream *)iss)->is_open() == false) {
-            *error = std::string("Failed to open file: " + param).c_str();
+            error->assign("Failed to open file: " + param);
            delete iss;
            return false;
        }
@@ -51,7 +51,7 @@ bool PmFromFile::init(const std::string &config, const char **error) {
        acmp_add_pattern(m_p, line.c_str(), NULL, NULL, line.length());
    }

-    acmp_prepare(m_p);
+    //acmp_prepare(m_p);

    delete iss;
    return true;
--- a/src/operators/pm_from_file.h
+++ b/src/operators/pm_from_file.h
@@ -31,7 +31,7 @@ class PmFromFile : public Pm {
    PmFromFile(std::string op, std::string param, bool negation)
        : Pm(op, param, negation) { }

-    bool init(const std::string &file, const char **error) override;
+    bool init(const std::string &file, std::string *error) override;
 };


--- a/src/operators/rx.h
+++ b/src/operators/rx.h
@@ -40,6 +40,9 @@ class Rx : public Operator {
            m_re = new Regex(param);
        }

+    ~Rx() {
+        delete m_re;
+    }
    bool evaluate(Transaction *transaction, const std::string &input);

 private:
--- a/src/operators/validate_byte_range.cc
+++ b/src/operators/validate_byte_range.cc
@@ -23,7 +23,7 @@ namespace modsecurity {
 namespace operators {

 bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
-    const char **error) {
+    std::string *error) {
    size_t pos = param.find_first_of("-");
    int start;
    int end;
@@ -32,8 +32,8 @@ bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
        try {
            start = std::stoi(rangeRepresentation);
        } catch(...) {
-            *error = ("Not able to convert '" + rangeRepresentation +
-                "' into a number").c_str();
+            error->assign("Not able to convert '" + rangeRepresentation +
+                "' into a number");
            return false;
        }
        table[start >> 3] = (table[start >> 3] | (1 << (start & 0x7)));
@@ -43,9 +43,9 @@ bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
    try {
        start = std::stoi(std::string(rangeRepresentation, 0, pos));
    } catch (...) {
-        *error = ("Not able to convert '" +
+        error->assign("Not able to convert '" +
            std::string(rangeRepresentation, 0, pos) +
-            "' into a number").c_str();
+            "' into a number");
        return false;
    }

@@ -53,24 +53,24 @@ bool ValidateByteRange::getRange(const std::string &rangeRepresentation,
        end = std::stoi(std::string(rangeRepresentation, pos + 1,
            rangeRepresentation.length() - (pos + 1)));
    } catch (...) {
-        *error = ("Not able to convert '" + std::string(rangeRepresentation,
+        error->assign("Not able to convert '" + std::string(rangeRepresentation,
            pos + 1, rangeRepresentation.length() - (pos + 1)) +
-            "' into a number").c_str();
+            "' into a number");
        return false;
    }

    if ((start < 0) || (start > 255)) {
-        *error = ("Invalid range start value: " +
-            std::to_string(start)).c_str();
+        error->assign("Invalid range start value: " +
+            std::to_string(start));
        return false;
    }
    if ((end < 0) || (end > 255)) {
-       *error = ("Invalid range end value: " + std::to_string(end)).c_str();
+       error->assign("Invalid range end value: " + std::to_string(end));
       return false;
    }
    if (start > end) {
-       *error = ("Invalid range: " + std::to_string(start) + "-" +
-           std::to_string(end)).c_str();
+       error->assign("Invalid range: " + std::to_string(start) + "-" +
+           std::to_string(end));
       return false;
    }

@@ -84,7 +84,7 @@ bool ValidateByteRange::getRange(const std::string &rangeRepresentation,


 bool ValidateByteRange::init(const std::string &file,
-    const char **error) {
+    std::string *error) {
    size_t pos = param.find_first_of(",");

    if (pos == std::string::npos) {
--- a/src/operators/validate_byte_range.h
+++ b/src/operators/validate_byte_range.h
@@ -37,8 +37,8 @@ class ValidateByteRange : public Operator {
    ~ValidateByteRange() override { }

    bool evaluate(Transaction *transaction, const std::string &input) override;
-    bool getRange(const std::string &rangeRepresentation, const char **error);
-    bool init(const std::string& file, const char **error) override;
+    bool getRange(const std::string &rangeRepresentation, std::string *error);
+    bool init(const std::string& file, std::string *error) override;
 private:
    std::vector<std::string> ranges;
    char table[32];
--- a/src/operators/validate_dtd.cc
+++ b/src/operators/validate_dtd.cc
@@ -25,11 +25,10 @@ namespace modsecurity {
 namespace operators {


-bool ValidateDTD::init(const std::string &file, const char **error) {
+bool ValidateDTD::init(const std::string &file, std::string *error) {
    m_resource = find_resource(param, file);
    if (m_resource == "") {
-        std::string f("XML: File not found: " + param + ".");
-        *error = strdup(f.c_str());
+        error->assign("XML: File not found: " + param + ".");
        return false;
    }

--- a/src/operators/validate_dtd.h
+++ b/src/operators/validate_dtd.h
@@ -44,7 +44,7 @@ class ValidateDTD : public Operator {
    }

    bool evaluate(Transaction *transaction, const std::string  &str) override;
-    bool init(const std::string &file, const char **error) override;
+    bool init(const std::string &file, std::string *error) override;


    static void error_runtime(void *ctx, const char *msg, ...) {
--- a/src/operators/validate_schema.cc
+++ b/src/operators/validate_schema.cc
@@ -25,11 +25,10 @@
 namespace modsecurity {
 namespace operators {

-bool ValidateSchema::init(const std::string &file, const char **error) {
+bool ValidateSchema::init(const std::string &file, std::string *error) {
    m_resource = find_resource(param, file);
    if (m_resource == "") {
-        std::string f("XML: File not found: " + param + ".");
-        *error = strdup(f.c_str());
+        error->assign("XML: File not found: " + param + ".");
        return false;
    }

--- a/src/operators/validate_schema.h
+++ b/src/operators/validate_schema.h
@@ -52,7 +52,7 @@ class ValidateSchema : public Operator {
    }

    bool evaluate(Transaction *transaction, const std::string  &str) override;
-    bool init(const std::string &file, const char **error) override;
+    bool init(const std::string &file, std::string *error) override;


    static void error_load(void *ctx, const char *msg, ...) {
--- a/src/operators/verify_cc.cc
+++ b/src/operators/verify_cc.cc
@@ -69,7 +69,7 @@ int VerifyCC::luhnVerify(const char *ccnumber, int len) {



-bool VerifyCC::init(const std::string &param2, const char **error) {
+bool VerifyCC::init(const std::string &param2, std::string *error) {
    const char *errptr = NULL;
    int erroffset = 0;

@@ -78,7 +78,7 @@ bool VerifyCC::init(const std::string &param2, const char **error) {
    m_pce = pcre_study(m_pc, PCRE_STUDY_JIT_COMPILE, &errptr);

    if ((m_pc == NULL) || (m_pce == NULL)) {
-        *error = errptr;
+        error->assign(errptr);
        return false;
    }

--- a/src/operators/verify_cc.h
+++ b/src/operators/verify_cc.h
@@ -34,7 +34,7 @@ class VerifyCC : public Operator {

    int luhnVerify(const char *ccnumber, int len);
    bool evaluate(Transaction *transaction, const std::string &input) override;
-    bool init(const std::string &param, const char **error) override;
+    bool init(const std::string &param, std::string *error) override;
 private:
    pcre *m_pc;
    pcre_extra *m_pce;