github_mirrors/attachment
3
0
Fork 1
mirror of https://github.com/openappsec/attachment.git synced 2025-12-31 13:49:09 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix oom caused by using freed values

Browse Source
This commit is contained in:
wiaamm
2025-12-06 13:40:00 +02:00
parent 6924be03b2
commit 83b3b0af0a
2 changed files with 76 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
attachments/kong/plugins/open-appsec-waf-kong-plugin/nano_ffi.lua
View File

@@ -91,6 +91,11 @@ function nano.handle_custom_response(session_data, response)
return kong.response.exit(200, "Request allowed due to attachment unavailability")
end
if not session_data or not response then
kong.log.err("Invalid session_data or response in handle_custom_response")
return kong.response.exit(500, "Internal Server Error")
end
local response_type = nano_attachment.get_web_response_type(attachment, session_data, response)
if response_type == nano.WebResponseType.RESPONSE_CODE_ONLY then
@@ -264,6 +269,12 @@ end
function nano.handleHeaders(headers)
local header_data = nano_attachment.allocHttpHeaders()
if not header_data then
kong.log.err("Failed to allocate HTTP headers")
return nil
end
table.insert(nano.allocate_headers, header_data)
local index = 0