This is an automated email from the ASF dual-hosted git repository. rleigh pushed a commit to branch xerces-3.2 in repository https://gitbox.apache.org/repos/asf/xerces-c.git
The following commit(s) were added to refs/heads/xerces-3.2 by this push: new b8f2b83 CurlURLInputStream constructor: avoid memory leak new 9ac2a9c Merge pull request #29 from rouault/backport_3_2_curl_memleak_fix b8f2b83 is described below commit b8f2b836358bb9e338c677eb71ec7fdfbd13643b Author: Even Rouault <even.roua...@spatialys.com> AuthorDate: Wed Aug 18 18:15:45 2021 +0200 CurlURLInputStream constructor: avoid memory leak CurlURLInputStream constructor calls the readMore() method, which can throw exceptions. In that situation, the destructor is not called, which results in resource/memory leaks. To fix that, catch the exceptions, manually do the cleanup and rethrow the exceptions. Found by ossfuzz (locally) --- .../util/NetAccessors/Curl/CurlURLInputStream.cpp | 28 +++++++++++++++++++++- .../util/NetAccessors/Curl/CurlURLInputStream.hpp | 2 ++ 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.cpp b/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.cpp index 5ed6593..2980dc2 100644 --- a/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.cpp +++ b/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.cpp @@ -160,7 +160,20 @@ CurlURLInputStream::CurlURLInputStream(const XMLURL& urlSource, const XMLNetHTTP while(fBufferHeadPtr == fBuffer) { int runningHandles = 0; - readMore(&runningHandles); + try + { + readMore(&runningHandles); + } + catch(const MalformedURLException&) + { + cleanup(); + throw; + } + catch(const NetAccessorException&) + { + cleanup(); + throw; + } if(runningHandles == 0) break; } @@ -174,18 +187,31 @@ CurlURLInputStream::CurlURLInputStream(const XMLURL& urlSource, const XMLNetHTTP CurlURLInputStream::~CurlURLInputStream() { + cleanup(); +} + + +void CurlURLInputStream::cleanup() +{ + if (!fMulti ) + return; + // Remove the easy handle from the multi stack curl_multi_remove_handle(fMulti, fEasy); // Cleanup the easy handle curl_easy_cleanup(fEasy); + fEasy = NULL; // Cleanup the multi handle curl_multi_cleanup(fMulti); + fMulti = NULL; if(fContentType) fMemoryManager->deallocate(fContentType); + fContentType = NULL; if(fHeadersList) curl_slist_free_all(fHeadersList); + fHeadersList = NULL; } diff --git a/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.hpp b/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.hpp index f75857b..3900d4d 100644 --- a/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.hpp +++ b/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.hpp @@ -61,6 +61,8 @@ private : CurlURLInputStream(const CurlURLInputStream&); CurlURLInputStream& operator=(const CurlURLInputStream&); + void cleanup(); + static size_t staticWriteCallback(char *buffer, size_t size, size_t nitems, --------------------------------------------------------------------- To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org For additional commands, e-mail: c-dev-h...@xerces.apache.org