libhtp icon indicating copy to clipboard operation
libhtp copied to clipboard

Published 20 hours ago verified publisher icon OISF

memory leak

Open fyy-100 opened this issue 3 years ago • 2 comments

function: htp_mpart_part_handle_data line: part->parser->pending_header_line = bstr_add_mem(part->parser->pending_header_line, data, len);

if memory not enough, bstr_add_mem return NULL but not free part->parser->pending_header_line old memory

fyy-100 avatar Feb 11 '22 05:02 fyy-100

Thanks for this report, would you like to submit a fix ? Suricata does not use this part of libhtp (multipart parsing) What do you use libhtp for ?

catenacyber avatar Feb 17 '22 11:02 catenacyber

I try to use libhtp to instead of nginx with modsecurity :)

fyy-100 avatar Mar 08 '22 10:03 fyy-100