You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
when using ModSecurity with JSON parsing enabled, we identified a significant memory leak.
It appears that when using the JSON parser to parse request body, a yajl handle is allocated using yajl_alloc, but is never reased. The function json_cleanup in msc_json.c does not clean up anything.
the suggested fix is below: (in apache2/msc_json.c line 308)
/**
* Frees the resources used for JSON parsing.
*/
apr_status_t json_cleanup(modsec_rec *msr) {
msr_log(msr, 4, "JSON: Cleaning up JSON results");
if (msr->json->handle != NULL) {
yajl_free(msr->json->handle);
msr->json->handle = NULL;
}
return 1;
}
Thanks
The text was updated successfully, but these errors were encountered:
Hello,
when using ModSecurity with JSON parsing enabled, we identified a significant memory leak.
It appears that when using the JSON parser to parse request body, a yajl handle is allocated using
yajl_alloc, but is never reased. The functionjson_cleanupinmsc_json.cdoes not clean up anything.the suggested fix is below: (in
apache2/msc_json.cline 308)Thanks
The text was updated successfully, but these errors were encountered: