Fixes leak of sni config filename on load (apache#8821)

moonchen · May 5, 2022 · e99f33c · e99f33c
1 parent 925dd5d
commit e99f33c
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 11 deletions.
diff --git a/iocore/net/P_SSLSNI.h b/iocore/net/P_SSLSNI.h
@@ -100,7 +100,6 @@ typedef std::vector<actionElement> SNIList;
 typedef std::vector<NextHopItem> NextHopPropertyList;
 
 struct SNIConfigParams : public ConfigInfo {
-  char *sni_filename = nullptr;
   SNIList sni_action_list;
   NextHopPropertyList next_hop_list;
   YamlSNIConfig Y_sni;

diff --git a/iocore/net/SSLSNIConfig.cc b/iocore/net/SSLSNIConfig.cc
@@ -156,14 +156,14 @@ SNIConfigParams::get(std::string_view servername) const
 int
 SNIConfigParams::Initialize()
 {
-  sni_filename = ats_stringdup(RecConfigReadConfigPath("proxy.config.ssl.servername.filename"));
+  std::string sni_filename = RecConfigReadConfigPath("proxy.config.ssl.servername.filename");
 
-  Note("%s loading ...", sni_filename);
+  Note("%s loading ...", sni_filename.c_str());
 
   struct stat sbuf;
-  if (stat(sni_filename, &sbuf) == -1 && errno == ENOENT) {
-    Note("%s failed to load", sni_filename);
-    Warning("Loading SNI configuration - filename: %s doesn't exist", sni_filename);
+  if (stat(sni_filename.c_str(), &sbuf) == -1 && errno == ENOENT) {
+    Note("%s failed to load", sni_filename.c_str());
+    Warning("Loading SNI configuration - filename: %s doesn't exist", sni_filename.c_str());
     return 1;
   }
 
@@ -173,16 +173,16 @@ SNIConfigParams::Initialize()
     std::stringstream errMsg;
     errMsg << zret;
     if (TSSystemState::is_initializing()) {
-      Emergency("%s failed to load: %s", sni_filename, errMsg.str().c_str());
+      Emergency("%s failed to load: %s", sni_filename.c_str(), errMsg.str().c_str());
     } else {
-      Error("%s failed to load: %s", sni_filename, errMsg.str().c_str());
+      Error("%s failed to load: %s", sni_filename.c_str(), errMsg.str().c_str());
     }
     return 1;
   }
   Y_sni = std::move(Y_sni_tmp);
 
   loadSNIConfig();
-  Note("%s finished loading", sni_filename);
+  Note("%s finished loading", sni_filename.c_str());
 
   return 0;
 }

diff --git a/iocore/net/YamlSNIConfig.cc b/iocore/net/YamlSNIConfig.cc
@@ -61,7 +61,7 @@ load_tunnel_alpn(std::vector<int> &dst, const YAML::Node &node)
 } // namespace
 
 ts::Errata
-YamlSNIConfig::loader(const char *cfgFilename)
+YamlSNIConfig::loader(const std::string &cfgFilename)
 {
   try {
     YAML::Node config = YAML::LoadFile(cfgFilename);

diff --git a/iocore/net/YamlSNIConfig.h b/iocore/net/YamlSNIConfig.h
@@ -96,7 +96,7 @@ struct YamlSNIConfig {
     void EnableProtocol(YamlSNIConfig::TLSProtocol proto);
   };
 
-  ts::Errata loader(const char *cfgFilename);
+  ts::Errata loader(const std::string &cfgFilename);
 
   std::vector<YamlSNIConfig::Item> items;
 };