range: prevents memory leak of file from HTTP2

If a HTTP2 transaction gets freed before the end of the range
request, we need to have the files container which is in
the state, to transfer owernship of this file to the files
container.

Ticket: 4811

diff --git a/rust/src/http2/http2.rs b/rust/src/http2/http2.rs
index b0545f0a7550bb888720a84c9e4bfbd8ffaeb1c8..5bdc0b2af6024203e6889602407575d0e3b6ed8f 100644 (file)
--- a/rust/src/http2/http2.rs
+++ b/rust/src/http2/http2.rs
@@ -449,6 +449,23 @@ impl HTTP2State {
             if tx.tx_id == tx_id + 1 {
                 found = true;
                 index = i;
+                // this should be in HTTP2Transaction::free
+                // but we need state's file container cf https://redmine.openinfosecfoundation.org/issues/4444
+                if !tx.file_range.is_null() {
+                    match unsafe { SC } {
+                        None => panic!("BUG no suricata_config"),
+                        Some(c) => {
+                            (c.HTPFileCloseHandleRange)(
+                                &mut self.files.files_tc,
+                                0,
+                                tx.file_range,
+                                std::ptr::null_mut(),
+                                0,
+                            );
+                            (c.HttpRangeFreeBlock)(tx.file_range);
+                        }
+                    }
+                }
                 break;
             }
         }

diff --git a/src/app-layer-htp-file.c b/src/app-layer-htp-file.c
index bde98dd0f0f9fff2b3f8fbf293c705ce48dc9392..2195ec764a4fc50d215782bd32d364a75063b935 100644 (file)
--- a/src/app-layer-htp-file.c
+++ b/src/app-layer-htp-file.c
@@ -363,6 +363,7 @@ void HTPFileCloseHandleRange(FileContainer *files, const uint16_t flags, HttpRan
             /* HtpState owns the constructed file now */
             FileContainerAdd(files, ranged);
         }
+        DEBUG_VALIDATE_BUG_ON(ranged && !files);
         THashDataUnlock(c->container->hdata);
     }
 }