Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Memory leaks + enhanced logging #3156

Closed
wants to merge 7 commits into from
Closed

Memory leaks + enhanced logging #3156

wants to merge 7 commits into from

Conversation

marcstern
Copy link
Contributor

Log audit lock name in case of problem.
Systematically log problems in update_rule_target_ex().
Fix some memory leaks in update_rule_target_ex().

@marcstern marcstern added the 2.x Related to ModSecurity version 2.x label May 28, 2024
@marcstern marcstern requested a review from airween May 28, 2024 14:57
airween
airween reviewed May 28, 2024
View reviewed changes
apache2/re.c
if(target_list == NULL)
return apr_psprintf(ruleset->mp, "Error to update target - memory allocation");;
if (target_list == NULL) {
my_error_msg = apr_psprintf(ruleset->mp, "Error to update target - memory allocation");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here (and at some other cases) you removed the return statement and after set of my_error_msg you jump to the label end. There you call an msr_log(msr, 9, my_error_msg) and always return with NULL.

But the calling places return this value, so may be that char * needs there - isn't it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right, I fixed the return value

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented May 29, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
2 Security Hotspots
25.0% Duplication on New Code (required ≤ 3%)
D Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

@marcstern marcstern requested a review from airween June 7, 2024 12:21
@marcstern marcstern closed this by deleting the head repository Jul 20, 2024
@marcstern
Copy link
Contributor Author

replaced by #3191

@marcstern marcstern mentioned this pull request Jul 22, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@airween airween Awaiting requested review from airween

Assignees
No one assigned
Labels
2.x Related to ModSecurity version 2.x
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@marcstern @airween