Description
Describe the bug
Whenver we are loading the rule to Modsecurity library using 'msc_rules_add', it leaks memory fe bytes of memory.
In our used-case, we need to load the rulset multiple times dynamically, this leak is gradually increasing and causing high memory usage.
Logs and dumps
Leak report:
Direct leak of 25344 byte(s) in 528 object(s) allocated from:
#0 0x4961ac in operator new(unsigned long)
#1 0xd3e250 in yy::seclang_parser::parse() seclang-parser.yy:2762
#2 0xd142e4 in modsecurity::Parser::Driver::parse(std::string const&, std::string const&) parser/driver.cc:148
#3 0xcc30b8 in modsecurity::RulesSet::load(char const*, std::string const&) rules_set.cc:69
#4 0xcc38d4 in modsecurity::RulesSet::load(char const*) rules_set.cc:100
#5 0xcc3978 in msc_rules_add rules_set.cc:306
Direct leak of 6336 byte(s) in 132 object(s) allocated from:
#0 0x4961ac in operator new(unsigned long)
#1 0xd3e250 in yy::seclang_parser::parse() seclang-parser.yy:2762
#2 0xd142e4 in modsecurity::Parser::Driver::parse(std::string const&, std::string const&) parser/driver.cc:148
#3 0xcc30b8 in modsecurity::RulesSet::load(char const*, std::string const&) rules_set.cc:69
#4 0xcc38d4 in modsecurity::RulesSet::load(char const*) rules_set.cc:100
#5 0xcc3978 in msc_rules_add rules_set.cc:306
Output of:
- DebugLogs (level 9)
- AuditLogs
- Error logs
Please let me know how to collect and will provide the same
To Reproduce
- Run the app with asan.
- Load the rules using 'msc_rules_add'
Server (please complete the following information):
- ModSecurity version : [e.g. ModSecurity v3.0.10)
- WebServer: [e.g. Any web server]
- OS (and distro): [e.g. Linux, centos]
Rule Set (please complete the following information):
- Running any public or commercial rule set? [e.g. SpiderLabs commercial rules]
CRS 3.0.0