This is an automated email from the ASF dual-hosted git repository. rleigh pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/xerces-c.git
The following commit(s) were added to refs/heads/master by this push: new 327abd3 CurlURLInputStream constructor: avoid memory leak new a313987 Merge pull request #28 from rouault/curl_memleak_fix 327abd3 is described below commit 327abd3551bdbca808b7fc22019c51210358b645 Author: Even Rouault <even.roua...@spatialys.com> AuthorDate: Wed Aug 18 18:15:45 2021 +0200 CurlURLInputStream constructor: avoid memory leak CurlURLInputStream constructor calls the readMore() method, which can throw exceptions. In that situation, the destructor is not called, which results in resource/memory leaks. To fix that, catch the exceptions, manually do the cleanup and rethrow the exceptions. Found by ossfuzz (locally) --- .../util/NetAccessors/Curl/CurlURLInputStream.cpp | 28 +++++++++++++++++++++- .../util/NetAccessors/Curl/CurlURLInputStream.hpp | 2 ++ 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.cpp b/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.cpp index a7b125d..8c79ceb 100644 --- a/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.cpp +++ b/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.cpp @@ -160,7 +160,20 @@ CurlURLInputStream::CurlURLInputStream(const XMLURL& urlSource, const XMLNetHTTP while(fBufferHeadPtr == fBuffer) { int runningHandles = 0; - readMore(&runningHandles); + try + { + readMore(&runningHandles); + } + catch(const MalformedURLException&) + { + cleanup(); + throw; + } + catch(const NetAccessorException&) + { + cleanup(); + throw; + } if(runningHandles == 0) break; } @@ -174,18 +187,31 @@ CurlURLInputStream::CurlURLInputStream(const XMLURL& urlSource, const XMLNetHTTP CurlURLInputStream::~CurlURLInputStream() { + cleanup(); +} + + +void CurlURLInputStream::cleanup() +{ + if (!fMulti ) + return; + // Remove the easy handle from the multi stack curl_multi_remove_handle(fMulti, fEasy); // Cleanup the easy handle curl_easy_cleanup(fEasy); + fEasy = NULL; // Cleanup the multi handle curl_multi_cleanup(fMulti); + fMulti = NULL; if(fContentType) fMemoryManager->deallocate(fContentType); + fContentType = NULL; if(fHeadersList) curl_slist_free_all(fHeadersList); + fHeadersList = NULL; } diff --git a/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.hpp b/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.hpp index 1ff2abf..06fa994 100644 --- a/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.hpp +++ b/src/xercesc/util/NetAccessors/Curl/CurlURLInputStream.hpp @@ -61,6 +61,8 @@ private : CurlURLInputStream(const CurlURLInputStream&); CurlURLInputStream& operator=(const CurlURLInputStream&); + void cleanup(); + static size_t staticWriteCallback(char *buffer, size_t size, size_t nitems, --------------------------------------------------------------------- To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org For additional commands, e-mail: c-dev-h...@xerces.apache.org