v3.1-experimental branch -- multiple memory leaks #2469
Comments
set_envI believe you are referring to: Is it a consequence of strdup? that was used to set the variable. It is gone when the process exit. modsec_bulidDuplicate as the memory leak reported on #2376. Fixed. Here the variable is generated: Here is the constructor for VariableValue: validate_dtdIs it the right place? |
|
set_env.cc: Perhaps I'm misunderstanding you but waiting for the process to terminate doesn't help here. Because the memory allocation is occurring in the execute function, this is a per-transaction leak. |
|
modsec_build.cc: Yes, the heap memory allocation is happening in that particular VariableValue constructor. And it is due to the line with that push_back in modsec_build.cc. But, like the previous case, because this is occurring within the evaluate function, this is a per-process leak. |
|
validate_dtd: No, it's at validate_dtd.cc:52 (line number from 3.1-experimental): I haven't fully confirmed this one, but I believe this is the same sort of issue; this line of code is in the evaluate function which means it runs every transaction and overwrites the the previous value of the pointer m_dtd. Which means that the memory that had been pointed to is leaked on a per-transaction basis. |
|
None of the above were already fixed in 3.1-experimental when I ran the tests on Friday -- I did make sure to run against the current revision of 3.1-experimental as of that date. |
|
In glibc, What's the use case for the setenv operator, anyway? Manipulating the global process state from transaction handling code seems like a bad idea. |
|
FYI #2381 (comment) |
|
Regarding the 2nd of 3 leaks reported in this issue (i.e. modsec_build), as stated
Confirmed. No further work required for this one. |
|
Adding an additional one:
This is structurally similar to the previous-reported validate_dtd.cc leak, and is likewise a per-transaction memory leak |
|
I'm going to recommend we leave aside the leak identified above as '1) set_env.cc:41' If and when we want to improve this, a likely avenue (as suggested by @WGH- ) would be to use setenv() instead of putenv(). But for now:
|
|
Summarize:
It is essential to mention that those are issues regarding specific functionality - One may face it upon utilizing those resources' unitedness. set_env.ccThere is interesting information on the subject here: StackOverFlow. Indeed, setenv seems to be a better choice than putenv. Thank you, @martinhsv and @WGH-, for raising this. I knew that putenv was not so gentle; the alternative of using setenv seems good. I was studying the differences and I end up changing the code here - 6464b9a modsec_build.ccIt is fixed already. Likely to be a dup. validate_dtd.ccStill have to look in this one. I do have some concerns about a possible race conditions. This possible race condition was the motivation to initialize this member (m_dtd) on ever evaluation. Back then, I did not notice the leak. I will have a look at it tomorrow and update here accordingly. Thanks @martinhsv nice effort! |
|
Just so it doesn't get forgotten ... validate_schema.cc was added later as a fourth item. It is comparable to the validate_dtd.cc issue and has a similar pull request available. |
|
Last update -
All issues are now closed! |
Within current v3/dev/3.1-experimental, I believe I have identified some additional memory leaks that have not yet been addressed:
The text was updated successfully, but these errors were encountered: