github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix memory leak of validateDTD's dtd object

Browse Source
This commit is contained in:
Martin Vierula 2023-10-30 15:40:36 -07:00
parent a9edee3dbe
commit beaa452302
No known key found for this signature in database
GPG Key ID: F2FC4E45883BCBA4
3 changed files with 37 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES
View File

@ -1,6 +1,8 @@
v3.x.y - YYYY-MMM-DD (to be released) v3.x.y - YYYY-MMM-DD (to be released)
------------------------------------- -------------------------------------
- Fix memory leak of validateDTD's dtd object
[Issue #3008 - @martinhsv, @zimmerle]
- Fix memory leaks in ValidateSchema - Fix memory leaks in ValidateSchema
[Issue #3005 - @martinhsv, @zimmerle] [Issue #3005 - @martinhsv, @zimmerle]
- Add support for expirevar action - Add support for expirevar action

31
src/operators/validate_dtd.cc
View File

@ -1,6 +1,6 @@
/* /*
* ModSecurity, http://www.modsecurity.org/ * ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/) * Copyright (c) 2015 - 2023 Trustwave Holdings, Inc. (http://www.trustwave.com/)
* *
* You may not use this file except in compliance with * You may not use this file except in compliance with
* the License. You may obtain a copy of the License at * the License. You may obtain a copy of the License at
@ -43,25 +43,24 @@ bool ValidateDTD::init(const std::string &file, std::string *error) {
} }
bool ValidateDTD::evaluate(Transaction *t, const std::string &str) { bool ValidateDTD::evaluate(Transaction *transaction, const std::string &str) {
xmlValidCtxtPtr cvp;
m_dtd = xmlParseDTD(NULL, (const xmlChar *)m_resource.c_str()); XmlDtdPtrManager dtd(xmlParseDTD(NULL, (const xmlChar *)m_resource.c_str()));
if (m_dtd == NULL) { if (dtd.get() == NULL) {
std::string err = std::string("XML: Failed to load DTD: ") \ std::string err = std::string("XML: Failed to load DTD: ") \
+ m_resource; + m_resource;
ms_dbg_a(t, 4, err); ms_dbg_a(transaction, 4, err);
return true; return true;
} }
if (t->m_xml->m_data.doc == NULL) { if (transaction->m_xml->m_data.doc == NULL) {
ms_dbg_a(t, 4, "XML document tree could not "\ ms_dbg_a(transaction, 4, "XML document tree could not "\
"be found for DTD validation."); "be found for DTD validation.");
return true; return true;
} }
if (t->m_xml->m_data.well_formed != 1) { if (transaction->m_xml->m_data.well_formed != 1) {
ms_dbg_a(t, 4, "XML: DTD validation failed because " \ ms_dbg_a(transaction, 4, "XML: DTD validation failed because " \
"content is not well formed."); "content is not well formed.");
return true; return true;
} }
@ -76,24 +75,24 @@ bool ValidateDTD::evaluate(Transaction *t, const std::string &str) {
} }
#endif #endif
cvp = xmlNewValidCtxt(); xmlValidCtxtPtr cvp = xmlNewValidCtxt();
if (cvp == NULL) { if (cvp == NULL) {
ms_dbg_a(t, 4, "XML: Failed to create a validation context."); ms_dbg_a(transaction, 4, "XML: Failed to create a validation context.");
return true; return true;
} }
/* Send validator errors/warnings to msr_log */ /* Send validator errors/warnings to msr_log */
cvp->error = (xmlSchemaValidityErrorFunc)error_runtime; cvp->error = (xmlSchemaValidityErrorFunc)error_runtime;
cvp->warning = (xmlSchemaValidityErrorFunc)warn_runtime; cvp->warning = (xmlSchemaValidityErrorFunc)warn_runtime;
cvp->userData = t; cvp->userData = transaction;
if (!xmlValidateDtd(cvp, t->m_xml->m_data.doc, m_dtd)) { if (!xmlValidateDtd(cvp, transaction->m_xml->m_data.doc, dtd.get())) {
ms_dbg_a(t, 4, "XML: DTD validation failed."); ms_dbg_a(transaction, 4, "XML: DTD validation failed.");
xmlFreeValidCtxt(cvp); xmlFreeValidCtxt(cvp);
return true; return true;
} }
ms_dbg_a(t, 4, std::string("XML: Successfully validated " \ ms_dbg_a(transaction, 4, std::string("XML: Successfully validated " \
"payload against DTD: ") + m_resource); "payload against DTD: ") + m_resource);
xmlFreeValidCtxt(cvp); xmlFreeValidCtxt(cvp);

28
src/operators/validate_dtd.h
View File

@ -1,6 +1,6 @@
/* /*
* ModSecurity, http://www.modsecurity.org/ * ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/) * Copyright (c) 2015 - 2023 Trustwave Holdings, Inc. (http://www.trustwave.com/)
* *
* You may not use this file except in compliance with * You may not use this file except in compliance with
* the License. You may obtain a copy of the License at * the License. You may obtain a copy of the License at
@ -33,18 +33,31 @@
namespace modsecurity { namespace modsecurity {
namespace operators { namespace operators {
class XmlDtdPtrManager {
public:
/** @ingroup ModSecurity_Operator */
explicit XmlDtdPtrManager(xmlDtdPtr dtd)
: m_dtd(dtd) { }
~XmlDtdPtrManager() {
#ifdef WITH_LIBXML2
if (m_dtd != NULL) {
xmlFreeDtd(m_dtd);
m_dtd = NULL;
}
#endif
}
xmlDtdPtr get() const {return m_dtd;}
private:
xmlDtdPtr m_dtd; // The resource being managed
};
class ValidateDTD : public Operator { class ValidateDTD : public Operator {
public: public:
/** @ingroup ModSecurity_Operator */ /** @ingroup ModSecurity_Operator */
explicit ValidateDTD(std::unique_ptr<RunTimeString> param) explicit ValidateDTD(std::unique_ptr<RunTimeString> param)
: Operator("ValidateDTD", std::move(param)) { } : Operator("ValidateDTD", std::move(param)) { }
#ifdef WITH_LIBXML2 #ifdef WITH_LIBXML2
~ValidateDTD() { ~ValidateDTD() { }
if (m_dtd != NULL) {
xmlFreeDtd(m_dtd);
m_dtd = NULL;
}
}
bool evaluate(Transaction *transaction, const std::string &str) override; bool evaluate(Transaction *transaction, const std::string &str) override;
bool init(const std::string &file, std::string *error) override; bool init(const std::string &file, std::string *error) override;
@ -89,7 +102,6 @@ class ValidateDTD : public Operator {
private: private:
std::string m_resource; std::string m_resource;
xmlDtdPtr m_dtd = NULL;
#endif #endif
}; };