Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
isv:cpanel:EA4
mod_security2
0003-Import-some-memory-leak-fixes-for-Mod-Secu...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0003-Import-some-memory-leak-fixes-for-Mod-Security-2.9.x.patch of Package mod_security2
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Travis Holloway <t.holloway@cpanel.net> Date: Thu, 5 Jan 2023 15:49:30 -0600 Subject: [PATCH 3/4] Import some memory leak fixes for Mod Security 2.9.x NOTE: Gary Stanley patch for fix memory leaks originally from EA-10203 - Fix memory leaks caused by unfreed compiled regex data. This was determined to be more of an issue when Mod Security is compiled with PCRE's JIT, but it still slowly leaks when it's disabled (the default) https://github.com/SpiderLabs/ModSecurity/pull/2263/commits - Backport local memory pool enhancement from 3.x pull request https://github.com/SpiderLabs/ModSecurity/pull/2177 - Memory leak in modsecurity_request_body_to_stream https://github.com/SpiderLabs/ModSecurity/issues/2208 This might help bigger customers reporting memory/performance problems (godaddy, etc). Fixup build failures on CentOS6 by reverting part of the patch for C6 only. C6's PCRE, which is the 7.x series, doesn't have pcre_study etc. Since C6 is EOL, this isn't a huge deal. --- apache2/msc_pcre.c | 25 +++++++++++++++-------- apache2/re.c | 51 +++++++++++++++++----------------------------- 2 files changed, 35 insertions(+), 41 deletions(-) diff --git a/apache2/msc_pcre.c b/apache2/msc_pcre.c index 6f1a9a1..961f925 100644 --- a/apache2/msc_pcre.c +++ b/apache2/msc_pcre.c @@ -31,8 +31,8 @@ static apr_status_t msc_pcre_cleanup(msc_regex_t *regex) { } #else if (regex->pe != NULL) { -#if defined(VERSION_NGINX) - pcre_free(regex->pe); +#if PCRE_MAJOR >= 8 + pcre_free_study(regex->pe); #else free(regex->pe); #endif @@ -150,21 +150,28 @@ void *msc_pregcomp_ex(apr_pool_t *pool, const char *pattern, int options, } if (regex->re == NULL) return NULL; - #ifdef WITH_PCRE_STUDY - #ifdef WITH_PCRE_JIT + /* PCRE on CentOS 6 doesn't have PCRE_STUDY_NEEDED, omit for now */ + #if PCRE_MAJOR >= 8 + #ifdef WITH_PCRE_STUDY /* This is enabled by default on modsec 2.9.3+ */ + #ifdef WITH_PCRE_JIT /* Disabled by default on cPanel builds */ + pe = pcre_study(regex->re, PCRE_STUDY_EXTRA_NEEDED|PCRE_STUDY_JIT_COMPILE, &errptr); + #else + pe = pcre_study(regex->re, PCRE_STUDY_EXTRA_NEEDED, &errptr); + #endif + #endif + #else /* Fallback for CentOS 6/CL6 PCRE's version */ + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT pe = pcre_study(regex->re, PCRE_STUDY_JIT_COMPILE, &errptr); - #else + #else pe = pcre_study(regex->re, 0, &errptr); + #endif #endif #endif /* Setup the pcre_extra record if pcre_study did not already do it */ if (pe == NULL) { -#if defined(VERSION_NGINX) pe = pcre_malloc(sizeof(pcre_extra)); -#else - pe = malloc(sizeof(pcre_extra)); -#endif if (pe == NULL) { return NULL; } diff --git a/apache2/re.c b/apache2/re.c index 9ded3be..bec046f 100644 --- a/apache2/re.c +++ b/apache2/re.c @@ -249,18 +249,25 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r char *opt = NULL, *param = NULL; char *target_list = NULL, *replace = NULL; int i, rc, match = 0, var_appended = 0; + apr_pool_t *local_pool = NULL; if(rule != NULL) { + apr_status_t status = apr_pool_create(&local_pool, NULL); + if (status < 0) { + return apr_psprintf(ruleset->mp, "Error creating memory pool: %d", status); + } - target_list = strdup(p2); - if(target_list == NULL) + target_list = apr_pstrdup(local_pool, p2); + if(target_list == NULL) { + apr_pool_destroy(local_pool); return apr_psprintf(ruleset->mp, "Error to update target - memory allocation");; + } if(p3 != NULL) { replace = strdup(p3); + replace = apr_pstrdup(local_pool, p3); if(replace == NULL) { - free(target_list); - target_list = NULL; + apr_pool_destroy(local_pool); return apr_psprintf(ruleset->mp, "Error to update target - memory allocation");; } } @@ -292,10 +299,7 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r } if(apr_table_get(ruleset->engine->variables, name) == NULL) { - if(target_list != NULL) - free(target_list); - if(replace != NULL) - free(replace); + apr_pool_destroy(local_pool); if(msr) { msr_log(msr, 9, "Error to update target - [%s] is not valid target", name); } @@ -385,9 +389,11 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r } } else { - target = strdup(p); - if(target == NULL) + target = apr_pstrdup(local_pool, p); + if(target == NULL) { + apr_pool_destroy(local_pool); return NULL; + } is_negated = is_counting = 0; param = name = value = NULL; @@ -417,10 +423,7 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r } if(apr_table_get(ruleset->engine->variables, name) == NULL) { - if(target_list != NULL) - free(target_list); - if(replace != NULL) - free(replace); + apr_pool_destroy(local_pool); if(msr) { msr_log(msr, 9, "Error to update target - [%s] is not valid target", name); } @@ -462,11 +465,6 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r } } - if(target != NULL) { - free(target); - target = NULL; - } - if(match == 0 ) { rc = msre_parse_targets(ruleset, p, rule->targets, &my_error_msg); if (rc < 0) { @@ -497,7 +495,7 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r } if(var_appended == 1) { - current_targets = msre_generate_target_string(ruleset->mp, rule); + current_targets = msre_generate_target_string(local_pool, rule); rule->unparsed = msre_rule_generate_unparsed(ruleset->mp, rule, current_targets, NULL, NULL); rule->p1 = apr_pstrdup(ruleset->mp, current_targets); if(msr) { @@ -512,18 +510,7 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r } end: - if(target_list != NULL) { - free(target_list); - target_list = NULL; - } - if(replace != NULL) { - free(replace); - replace = NULL; - } - if(target != NULL) { - free(target); - target = NULL; - } + apr_pool_destroy(local_pool); return NULL; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor