contrib/src/modsecurity/PR2580.patch

From ab313df49ff1195d643f3b1c390f9938323394a4 Mon Sep 17 00:00:00 2001
From: Yupeng Zhou <zhouyupeng@tensorsecurity.cn>
Date: Fri, 18 Jun 2021 10:37:08 +0800
Subject: [PATCH] fix some memory leaks for parsing & cleaning up rules

---
 headers/modsecurity/rule.h    | 2 ++
 src/parser/driver.cc          | 4 ++--
 src/parser/location.hh        | 4 ++--
 src/parser/seclang-parser.cc  | 2 +-
 src/parser/seclang-parser.yy  | 2 +-
 src/parser/seclang-scanner.cc | 6 +++---
 src/parser/seclang-scanner.ll | 6 +++---
 src/rule_with_actions.cc      | 4 ++++
 8 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/headers/modsecurity/rule.h b/headers/modsecurity/rule.h
index b10e0556e..1d5570a8d 100644
--- a/headers/modsecurity/rule.h
+++ b/headers/modsecurity/rule.h
@@ -86,6 +86,8 @@ class Rule {
         return *this;
     }
 
+    virtual ~Rule() {}
+
     virtual bool evaluate(Transaction *transaction) = 0;
 
     virtual bool evaluate(Transaction *transaction,
diff --git a/src/parser/driver.cc b/src/parser/driver.cc
index c8d15b48a..c08026a53 100644
--- a/src/parser/driver.cc
+++ b/src/parser/driver.cc
@@ -129,9 +129,9 @@ int Driver::parse(const std::string &f, const std::string &ref) {
     m_lastRule = nullptr;
     loc.push_back(new yy::location());
     if (ref.empty()) {
-        loc.back()->begin.filename = loc.back()->end.filename = new std::string("<<reference missing or not informed>>");
+        loc.back()->begin.filename = loc.back()->end.filename = std::shared_ptr<const std::string>(new std::string("<<reference missing or not informed>>"));
     } else {
-        loc.back()->begin.filename = loc.back()->end.filename = new std::string(ref);
+        loc.back()->begin.filename = loc.back()->end.filename = std::shared_ptr<const std::string>(new std::string(ref));
     }
 
     if (f.empty()) {
diff --git a/src/parser/location.hh b/src/parser/location.hh
index 314b0693a..0f414d831 100644
--- a/src/parser/location.hh
+++ b/src/parser/location.hh
@@ -80,7 +80,7 @@ namespace yy {
                      counter_type l = 1,
                      counter_type c = 1)
     {
-      filename = fn;
+      filename = std::shared_ptr<filename_type>(fn);
       line = l;
       column = c;
     }
@@ -105,7 +105,7 @@ namespace yy {
     /** \} */
 
     /// File name to which this position refers.
-    filename_type* filename;
+    std::shared_ptr<filename_type> filename;
     /// Current line number.
     counter_type line;
     /// Current column number.
diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc
index dfabb4342..00198fded 100644
--- a/src/parser/seclang-parser.cc
+++ b/src/parser/seclang-parser.cc
@@ -1317,7 +1317,7 @@ namespace yy {
 #line 319 "seclang-parser.yy"
 {
   // Initialize the initial location.
-  yyla.location.begin.filename = yyla.location.end.filename = new std::string(driver.file);
+  yyla.location.begin.filename = yyla.location.end.filename = std::shared_ptr<const std::string>(new std::string(driver.file));
 }
 
 #line 1328 "seclang-parser.cc"
diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy
index fdb2bb111..224e6abc5 100644
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -317,7 +317,7 @@ using namespace modsecurity::operators;
 %initial-action
 {
   // Initialize the initial location.
-  @$.begin.filename = @$.end.filename = new std::string(driver.file);
+  @$.begin.filename = @$.end.filename = std::shared_ptr<const std::string>(new std::string(driver.file));
 };
 %define parse.trace
 %define parse.error verbose
diff --git a/src/parser/seclang-scanner.cc b/src/parser/seclang-scanner.cc
index 74418c522..fe5fd4bd4 100644
--- a/src/parser/seclang-scanner.cc
+++ b/src/parser/seclang-scanner.cc
@@ -8488,7 +8488,7 @@ YY_RULE_SETUP
         std::string err;
         std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err);
         driver.loc.push_back(new yy::location());
-        driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(f);
+        driver.loc.back()->begin.filename = driver.loc.back()->end.filename = std::shared_ptr<const std::string>(new std::string(f));
         yyin = fopen(f.c_str(), "r" );
         if (!yyin) {
             BEGIN(INITIAL);
@@ -8519,7 +8519,7 @@ YY_RULE_SETUP
     for (auto& s: files) {
         std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err);
         driver.loc.push_back(new yy::location());
-        driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(f);
+        driver.loc.back()->begin.filename = driver.loc.back()->end.filename = std::shared_ptr<const std::string>(new std::string(f));
 
         yyin = fopen(f.c_str(), "r" );
         if (!yyin) {
@@ -8552,7 +8552,7 @@ YY_RULE_SETUP
     c.setKey(key);
 
     driver.loc.push_back(new yy::location());
-    driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(url);
+    driver.loc.back()->begin.filename = driver.loc.back()->end.filename = std::shared_ptr<const std::string>(new std::string(url));
     YY_BUFFER_STATE temp = YY_CURRENT_BUFFER;
     yypush_buffer_state(temp);
 
diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll
index 9686027ba..18118bb08 100755
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@@ -1250,7 +1250,7 @@ EQUALS_MINUS                            (?i:=\-)
         std::string err;
         std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err);
         driver.loc.push_back(new yy::location());
-        driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(f);
+        driver.loc.back()->begin.filename = driver.loc.back()->end.filename = std::shared_ptr<const std::string>(new std::string(f));
         yyin = fopen(f.c_str(), "r" );
         if (!yyin) {
             BEGIN(INITIAL);
@@ -1278,7 +1278,7 @@ EQUALS_MINUS                            (?i:=\-)
     for (auto& s: files) {
         std::string f = modsecurity::utils::find_resource(s, *driver.loc.back()->end.filename, &err);
         driver.loc.push_back(new yy::location());
-        driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(f);
+        driver.loc.back()->begin.filename = driver.loc.back()->end.filename = std::shared_ptr<const std::string>(new std::string(f));
 
         yyin = fopen(f.c_str(), "r" );
         if (!yyin) {
@@ -1307,7 +1307,7 @@ EQUALS_MINUS                            (?i:=\-)
     c.setKey(key);
 
     driver.loc.push_back(new yy::location());
-    driver.loc.back()->begin.filename = driver.loc.back()->end.filename = new std::string(url);
+    driver.loc.back()->begin.filename = driver.loc.back()->end.filename = std::shared_ptr<const std::string>(new std::string(url));
     YY_BUFFER_STATE temp = YY_CURRENT_BUFFER;
     yypush_buffer_state(temp);
 
diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc
index 5ac17a267..6c44da7e5 100644
--- a/src/rule_with_actions.cc
+++ b/src/rule_with_actions.cc
@@ -80,6 +80,10 @@ RuleWithActions::RuleWithActions(
     m_containsStaticBlockAction(false),
     m_isChained(false) {
 
+    if (transformations != NULL) {
+        delete transformations;
+    }
+
     if (actions) {
         for (Action *a : *actions) {
             if (a->action_kind == Action::ConfigurationKind) {