From: Tim Duesterhus Date: Sat, 13 Jun 2020 22:37:43 +0000 (+0200) Subject: BUG/MINOR: haproxy: Free rule->arg.vars.expr during deinit_act_rules X-Git-Tag: v2.2-dev10~50 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff78fcdd7f15c8626c7e70add7a935221ee2920c;p=thirdparty%2Fhaproxy.git BUG/MINOR: haproxy: Free rule->arg.vars.expr during deinit_act_rules Given the following example configuration: frontend foo bind *:8080 mode http http-request set-var(txn.foo) str(bar) Running a configuration check within valgrind reports: ==23665== Memcheck, a memory error detector ==23665== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==23665== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==23665== Command: ./haproxy -c -f ./crasher.cfg ==23665== [WARNING] 165/002941 (23665) : config : missing timeouts for frontend 'foo'. | While not properly invalid, you will certainly encounter various problems | with such a configuration. To fix this, please ensure that all following | timeouts are set to a non-zero value: 'client', 'connect', 'server'. Warnings were found. Configuration file is valid ==23665== ==23665== HEAP SUMMARY: ==23665== in use at exit: 314,008 bytes in 87 blocks ==23665== total heap usage: 160 allocs, 73 frees, 1,448,074 bytes allocated ==23665== ==23665== 132 (48 direct, 84 indirect) bytes in 1 blocks are definitely lost in loss record 15 of 28 ==23665== at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==23665== by 0x4A2612: sample_parse_expr (sample.c:876) ==23665== by 0x54DF84: parse_store (vars.c:766) ==23665== by 0x528BDF: parse_http_req_cond (http_rules.c:95) ==23665== by 0x469F36: cfg_parse_listen (cfgparse-listen.c:1339) ==23665== by 0x459E33: readcfgfile (cfgparse.c:2167) ==23665== by 0x5074FD: init (haproxy.c:2021) ==23665== by 0x418262: main (haproxy.c:3126) ==23665== ==23665== LEAK SUMMARY: ==23665== definitely lost: 48 bytes in 1 blocks ==23665== indirectly lost: 84 bytes in 2 blocks ==23665== possibly lost: 0 bytes in 0 blocks ==23665== still reachable: 313,876 bytes in 84 blocks ==23665== suppressed: 0 bytes in 0 blocks ==23665== Reachable blocks (those to which a pointer was found) are not shown. ==23665== To see them, rerun with: --leak-check=full --show-leak-kinds=all ==23665== ==23665== For counts of detected and suppressed errors, rerun with: -v ==23665== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0) After this patch is applied the leak is gone as expected. This is a very minor leak that can only be observed if deinit() is called, shortly before the OS will free all memory of the process anyway. No backport needed. --- diff --git a/src/haproxy.c b/src/haproxy.c index 6548db6b58..245ac3b608 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -2555,6 +2555,7 @@ static void deinit_act_rules(struct list *rules) list_for_each_entry_safe(rule, ruleb, rules, list) { LIST_DEL(&rule->list); deinit_acl_cond(rule->cond); + release_sample_expr(rule->arg.vars.expr); if (rule->release_ptr) rule->release_ptr(rule); free(rule);