From: Philippe Antoine Date: Mon, 8 Nov 2021 12:33:27 +0000 (+0100) Subject: range: prevents memory leak of file from HTTP2 X-Git-Tag: suricata-7.0.0-beta1~1177 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c023116857426137eb0c7240b80e99a8940f3c5b;p=thirdparty%2Fsuricata.git range: prevents memory leak of file from HTTP2 If a HTTP2 transaction gets freed before the end of the range request, we need to have the files container which is in the state, to transfer owernship of this file to the files container. Ticket: 4811 --- diff --git a/rust/src/http2/http2.rs b/rust/src/http2/http2.rs index b0545f0a75..5bdc0b2af6 100644 --- a/rust/src/http2/http2.rs +++ b/rust/src/http2/http2.rs @@ -449,6 +449,23 @@ impl HTTP2State { if tx.tx_id == tx_id + 1 { found = true; index = i; + // this should be in HTTP2Transaction::free + // but we need state's file container cf https://redmine.openinfosecfoundation.org/issues/4444 + if !tx.file_range.is_null() { + match unsafe { SC } { + None => panic!("BUG no suricata_config"), + Some(c) => { + (c.HTPFileCloseHandleRange)( + &mut self.files.files_tc, + 0, + tx.file_range, + std::ptr::null_mut(), + 0, + ); + (c.HttpRangeFreeBlock)(tx.file_range); + } + } + } break; } } diff --git a/src/app-layer-htp-file.c b/src/app-layer-htp-file.c index bde98dd0f0..2195ec764a 100644 --- a/src/app-layer-htp-file.c +++ b/src/app-layer-htp-file.c @@ -363,6 +363,7 @@ void HTPFileCloseHandleRange(FileContainer *files, const uint16_t flags, HttpRan /* HtpState owns the constructed file now */ FileContainerAdd(files, ranged); } + DEBUG_VALIDATE_BUG_ON(ranged && !files); THashDataUnlock(c->container->hdata); } }