lwip-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-devel] [bug #56806] Mem Leak in http_post_request

From: Stian Skjelstad
Subject: Re: [lwip-devel] [bug #56806] Mem Leak in http_post_request
Date: Mon, 26 Aug 2019 10:47:40 +0200
From the httpd.h (says     ATTENTION: The application is responsible for freeing the pbufs passed in!  ) 

/**
* @ingroup httpd
* Called for each pbuf of data that has been received for a POST.
* ATTENTION: The application is responsible for freeing the pbufs passed in!
*
* @param connection Unique connection identifier.
* @param p Received data.
* @return ERR_OK: Data accepted.
*         another err_t: Data denied, http_post_get_response_uri will be called.
*/
err_t httpd_post_receive_data(void *connection, struct pbuf *p);  



But example in contrib does not call pbuf_unref, and should be patches, so a patch it still needed, but for the contrib

Stian Skjelstad


On Mon, Aug 26, 2019 at 10:38 AM Sperlich, Klaus <address@hidden> wrote:
Hi Stian,
thank's for your hint.
I changed the code, now it's working.
A comment in source code for proper pbuf_unref  in callback
could be helpfull.
Thx & Kind Regards


----------------------------------------
HARTING Electric GmbH & Co. KG  |  Postfach 14 73, 32328 Espelkamp  | Wilhelm-Harting-Straße 1, 32339 Espelkamp  |  www.HARTING.com
Pers. haftende Gesellschafterin: HARTING Electric Management GmbH
Geschäftsführer: Dipl.-Kfm. Edgar Peter Düning, Dipl.-Ing. Gunter Galtz, Dipl.-Ing. Norbert Gemmeke, Dr.-Ing. Andreas Imhoff
Sitz der Gesellschaft: Espelkamp  |  Amtsgericht Bad Oeynhausen  |  Register-Nr. HRA 5602  |  UST-Id Nr. DE813265676  |  WEEE-Reg.-Nr. DE 56507374


-----Ursprüngliche Nachricht-----
Von: Stian Sebastian Skjelstad <address@hidden>
Gesendet: Montag, 26. August 2019 10:24
An: Sperlich, Klaus <address@hidden>; Stian Sebastian Skjelstad <address@hidden>; address@hidden; address@hidden
Betreff: [bug #56806] Mem Leak in http_post_request

Follow-up Comment #1, bug #56806 (project lwip):

http_post_rxpbuf sends the pbuf to http_post_get_response_uri


/**
 * @ingroup httpd
 * Called for each pbuf of data that has been received for a POST.
 * ATTENTION: The application is responsible for freeing the pbufs passed in!
 *
 * @param connection Unique connection identifier.
 * @param p Received data.
 * @return ERR_OK: Data accepted.
 *         another err_t: Data denied, http_post_get_response_uri will be
called.
 */
err_t httpd_post_receive_data(void *connection, struct pbuf *p);


So, your callback is responsible for doing a pbuf_unref.

Your fix is a workaround for your callback not doing its job, in one of the code-paths. Take a look at the top two lines in your patch too:


              pbuf_ref(q);     // <------ this would be a problem too if your
httpd_post_receive_data doesn't do the pbuf_unref it is suppose to do
              return http_post_rxpbuf(hs, q);
            } else if (hs->post_content_len_left == 0) {
              q = pbuf_alloc(PBUF_RAW, 0, PBUF_REF);
              err_t err;
              err = http_post_rxpbuf(hs, q);
              pbuf_free (q);
              return err;
            } else {
              return ERR_OK;


    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/bugs/?56806>

_______________________________________________
  Message sent via Savannah
  https://savannah.nongnu.org/

reply via email to
[Prev in Thread] Current Thread [Next in Thread]