You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Whenver we are loading the rule to Modsecurity library using 'msc_rules_add', it leaks memory fe bytes of memory.
In our used-case, we need to load the rulset multiple times dynamically, this leak is gradually increasing and causing high memory usage.
Logs and dumps
Leak report:
Direct leak of 25344 byte(s) in 528 object(s) allocated from:
#0 0x4961ac in operator new(unsigned long) #1 0xd3e250 in yy::seclang_parser::parse() seclang-parser.yy:2762 #2 0xd142e4 in modsecurity::Parser::Driver::parse(std::string const&, std::string const&) parser/driver.cc:148 #3 0xcc30b8 in modsecurity::RulesSet::load(char const*, std::string const&) rules_set.cc:69 #4 0xcc38d4 in modsecurity::RulesSet::load(char const*) rules_set.cc:100 #5 0xcc3978 in msc_rules_add rules_set.cc:306
Direct leak of 6336 byte(s) in 132 object(s) allocated from:
#0 0x4961ac in operator new(unsigned long) #1 0xd3e250 in yy::seclang_parser::parse() seclang-parser.yy:2762 #2 0xd142e4 in modsecurity::Parser::Driver::parse(std::string const&, std::string const&) parser/driver.cc:148 #3 0xcc30b8 in modsecurity::RulesSet::load(char const*, std::string const&) rules_set.cc:69 #4 0xcc38d4 in modsecurity::RulesSet::load(char const*) rules_set.cc:100 #5 0xcc3978 in msc_rules_add rules_set.cc:306
Output of:
DebugLogs (level 9)
AuditLogs
Error logs
Please let me know how to collect and will provide the same
To Reproduce
Run the app with asan.
Load the rules using 'msc_rules_add'
Server (please complete the following information):
ModSecurity version : [e.g. ModSecurity v3.0.10)
WebServer: [e.g. Any web server]
OS (and distro): [e.g. Linux, centos]
Rule Set (please complete the following information):
Running any public or commercial rule set? [e.g. SpiderLabs commercial rules]
CRS 3.0.0
The text was updated successfully, but these errors were encountered:
Describe the bug
Whenver we are loading the rule to Modsecurity library using 'msc_rules_add', it leaks memory fe bytes of memory.
In our used-case, we need to load the rulset multiple times dynamically, this leak is gradually increasing and causing high memory usage.
Logs and dumps
Leak report:
Direct leak of 25344 byte(s) in 528 object(s) allocated from:
#0 0x4961ac in operator new(unsigned long)
#1 0xd3e250 in yy::seclang_parser::parse() seclang-parser.yy:2762
#2 0xd142e4 in modsecurity::Parser::Driver::parse(std::string const&, std::string const&) parser/driver.cc:148
#3 0xcc30b8 in modsecurity::RulesSet::load(char const*, std::string const&) rules_set.cc:69
#4 0xcc38d4 in modsecurity::RulesSet::load(char const*) rules_set.cc:100
#5 0xcc3978 in msc_rules_add rules_set.cc:306
Direct leak of 6336 byte(s) in 132 object(s) allocated from:
#0 0x4961ac in operator new(unsigned long)
#1 0xd3e250 in yy::seclang_parser::parse() seclang-parser.yy:2762
#2 0xd142e4 in modsecurity::Parser::Driver::parse(std::string const&, std::string const&) parser/driver.cc:148
#3 0xcc30b8 in modsecurity::RulesSet::load(char const*, std::string const&) rules_set.cc:69
#4 0xcc38d4 in modsecurity::RulesSet::load(char const*) rules_set.cc:100
#5 0xcc3978 in msc_rules_add rules_set.cc:306
Output of:
Please let me know how to collect and will provide the same
To Reproduce
Server (please complete the following information):
Rule Set (please complete the following information):
CRS 3.0.0
The text was updated successfully, but these errors were encountered: