From 0416a8428d6ba79c0a9893ccce809a24b6243be5 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Tue, 25 Feb 2014 20:22:55 +0100 Subject: [PATCH] htp: don't assume HTPCallbackRequestLine is the first callback By assuming that HTPCallbackRequestLine would always be run first, an memory leak was introduced. It would not check if user data already existed in the tx, causing it to overwrite the user data pointer is it already existed. Bug #1092. --- src/app-layer-htp.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index d2c0a099ad..7e132aa8fa 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -2032,14 +2032,19 @@ static int HTPCallbackRequestLine(htp_tx_t *tx) if (request_uri_normalized == NULL) return HTP_OK; - tx_ud = HTPMalloc(sizeof(*tx_ud)); - if (unlikely(tx_ud == NULL)) { - bstr_free(request_uri_normalized); - return HTP_OK; + tx_ud = htp_tx_get_user_data(tx); + if (likely(tx_ud == NULL)) { + tx_ud = HTPMalloc(sizeof(*tx_ud)); + if (unlikely(tx_ud == NULL)) { + bstr_free(request_uri_normalized); + return HTP_OK; + } + memset(tx_ud, 0, sizeof(*tx_ud)); + htp_tx_set_user_data(tx, tx_ud); } - memset(tx_ud, 0, sizeof(*tx_ud)); + if (unlikely(tx_ud->request_uri_normalized != NULL)) + bstr_free(tx_ud->request_uri_normalized); tx_ud->request_uri_normalized = request_uri_normalized; - htp_tx_set_user_data(tx, tx_ud); if (tx->flags) { HTPErrorCheckTxRequestFlags(hstate, tx); -- 2.47.2