git.ipfire.org Git - thirdparty/rspamd.git/commit

author	Vsevolod Stakhov <vsevolod@rspamd.com>
	Mon, 16 Feb 2026 15:36:16 +0000 (15:36 +0000)
committer	Vsevolod Stakhov <vsevolod@rspamd.com>
	Mon, 16 Feb 2026 15:36:16 +0000 (15:36 +0000)
commit	71b32137c619dde6b39a2c9d9dc47ffc164c8f58
tree	9a087965e50e629785e42cf842fd75783956abdf	tree
parent	566790047fc0462dba9d8e1c0c5d38d9702b6597	commit \| diff

[Minor] Backport ucl_object_iterate_end() from libucl to fix iterator leak

Add ucl_object_iterate_end() function to free resources associated with
an inline iterator when iteration is abandoned before completion. This
fixes a potential memory leak when iterating over UCL_OBJECT types where
internal heap state is allocated.

Changes backported from libucl 0.9.3:
- Add ucl_hash_iterate_free() to ucl_hash.c/h
- Add ucl_object_iterate_end() to ucl_util.c and ucl.h
- Add ucl_iterate_object_end macro alias

Note: Rspamd already had the security fixes for:
- heap-buffer-overflow in ucl_maybe_parse_number
- heap-buffer-overflow in ucl_parse_multiline_string
- Use-After-Free in ucl_hash_insert
- Invalid JSON emission when merging objects

contrib/libucl/ucl.h		diff \| blob \| blame \| history
contrib/libucl/ucl_hash.c		diff \| blob \| blame \| history
contrib/libucl/ucl_hash.h		diff \| blob \| blame \| history
contrib/libucl/ucl_util.c		diff \| blob \| blame \| history