summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ChangeLog11
-rw-r--r--runtime/nsd_gtls.c5
-rw-r--r--runtime/nsd_ptcp.c6
-rw-r--r--runtime/nsdsel_gtls.c1
-rw-r--r--tcpsrv.c9
-rw-r--r--tests/Makefile.am3
-rwxr-xr-xtests/manytcp-too-few-tls.sh15
-rw-r--r--tests/testsuites/manytcp-too-few-tls.conf22
8 files changed, 67 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 46a41574..d34ab025 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
---------------------------------------------------------------------------
Version 6.1.9 [BETA] (rgerhards), 2011-0?-??
+- bugfix: memory leak in imtcp & subsystems under some circumstances
+ This leak is tied to error conditions which lead to incorrect cleanup
+ of some data structures. [backport from v6].3
- bugfix: $ActionFileDefaultTemplate did not work
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=262
---------------------------------------------------------------------------
@@ -178,6 +181,11 @@ Version 5.9.0 [V5-DEVEL] (rgerhards), 2011-03-??
affected directive was: $ActionExecOnlyWhenPreviousIsSuspended on
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=236
---------------------------------------------------------------------------
+Version 5.8.2 [V5-stable] (rgerhards), 2011-06-??
+- bugfix: memory leak in imtcp & subsystems under some circumstances
+ This leak is tied to error conditions which lead to incorrect cleanup
+ of some data structures. [backport from v6]
+---------------------------------------------------------------------------
Version 5.8.1 [V5-stable] (rgerhards), 2011-05-19
- bugfix: invalid processing in QUEUE_FULL condition
If the the multi-submit interface was used and a QUEUE_FULL condition
@@ -1009,6 +1017,9 @@ Version 4.7.0 [v4-devel] (rgerhards), 2010-04-14
- imported changes from 4.5.6 and below
---------------------------------------------------------------------------
Version 4.6.6 [v4-stable] (rgerhards), 2010-11-??
+- bugfix: memory leak in imtcp & subsystems under some circumstances
+ This leak is tied to error conditions which lead to incorrect cleanup
+ of some data structures. [backport from v6, limited testing under v4]
- bugfix: invalid processing in QUEUE_FULL condition
If the the multi-submit interface was used and a QUEUE_FULL condition
occured, the failed message was properly destructed. However, the
diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c
index d0fd0e0f..cc8f78d1 100644
--- a/runtime/nsd_gtls.c
+++ b/runtime/nsd_gtls.c
@@ -1099,6 +1099,7 @@ gtlsEndSess(nsd_gtls_t *pThis)
}
}
gnutls_deinit(pThis->sess);
+ pThis->bHaveSess = 0;
}
RETiRet;
}
@@ -1152,8 +1153,8 @@ CODESTARTobjDestruct(nsd_gtls)
gnutls_x509_crt_deinit(pThis->ourCert);
if(pThis->bOurKeyIsInit)
gnutls_x509_privkey_deinit(pThis->ourKey);
-#warning need more checks if the new gnutls_deinit() breaks things during normal operations
-// gnutls_deinit(pThis->sess); /* see ln 600 pThis->bInSess as something to check? */
+ if(pThis->bHaveSess)
+ gnutls_deinit(pThis->sess);
ENDobjDestruct(nsd_gtls)
diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c
index c8915231..69eb7684 100644
--- a/runtime/nsd_ptcp.c
+++ b/runtime/nsd_ptcp.c
@@ -334,6 +334,12 @@ AcceptConnReq(nsd_t *pNsd, nsd_t **ppNew)
iNewSock = accept(pThis->sock, (struct sockaddr*) &addr, &addrlen);
if(iNewSock < 0) {
+ if(Debug) {
+ char errStr[1024];
+ rs_strerror_r(errno, errStr, sizeof(errStr));
+ dbgprintf("nds_ptcp: error accepting connection on socket %d, errno %d: %s\n",
+ pThis->sock, errno, errStr);
+ }
ABORT_FINALIZE(RS_RET_ACCEPT_ERR);
}
diff --git a/runtime/nsdsel_gtls.c b/runtime/nsdsel_gtls.c
index 1a389a00..aff55af2 100644
--- a/runtime/nsdsel_gtls.c
+++ b/runtime/nsdsel_gtls.c
@@ -177,6 +177,7 @@ doRetry(nsd_gtls_t *pNsd)
finalize_it:
if(iRet != RS_RET_OK && iRet != RS_RET_CLOSED && iRet != RS_RET_RETRY)
pNsd->bAbortConn = 1; /* request abort */
+dbgprintf("XXXXXX: doRetry: iRet %d, pNsd->bAbortConn %d\n", iRet, pNsd->bAbortConn);
RETiRet;
}
diff --git a/tcpsrv.c b/tcpsrv.c
index 2c97d522..c091df0b 100644
--- a/tcpsrv.c
+++ b/tcpsrv.c
@@ -704,6 +704,7 @@ RunSelect(tcpsrv_t *pThis, nsd_epworkset_t workset[], size_t sizeWorkset)
int iTCPSess;
int bIsReady;
nssel_t *pSel = NULL;
+ rsRetVal localRet;
ISOBJ_TYPE_assert(pThis, tcpsrv);
@@ -760,8 +761,8 @@ RunSelect(tcpsrv_t *pThis, nsd_epworkset_t workset[], size_t sizeWorkset)
while(nfds && iTCPSess != -1) {
if(glbl.GetGlobalInputTermState() == 1)
ABORT_FINALIZE(RS_RET_FORCE_TERM);
- CHKiRet(nssel.IsReady(pSel, pThis->pSessions[iTCPSess]->pStrm, NSDSEL_RD, &bIsReady, &nfds));
- if(bIsReady) {
+ localRet = nssel.IsReady(pSel, pThis->pSessions[iTCPSess]->pStrm, NSDSEL_RD, &bIsReady, &nfds);
+ if(bIsReady || localRet != RS_RET_OK) {
workset[iWorkset].id = iTCPSess;
workset[iWorkset].pUsr = (void*) pThis->pSessions[iTCPSess];
++iWorkset;
@@ -785,7 +786,9 @@ finalize_it: /* this is a very special case - this time only we do not exit the
* crashed, which made sense (the rest of the engine was not prepared for
* that) -- rgerhards, 2008-05-19
*/
- /*EMPTY*/;
+ if(pSel != NULL) { /* cleanup missing? happens during err exit! */
+ nssel.Destruct(&pSel);
+ }
}
/* note that this point is usually not reached */
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 6272c0dd..b3422297 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -104,6 +104,9 @@ TESTS += \
sndrcv_tls_anon.sh \
sndrcv_tls_anon_rebind.sh \
imtcp-tls-basic.sh
+if HAVE_VALGRIND
+TESTS += manytcp-too-few-tls.sh
+endif
endif
if ENABLE_OMUXSOCK
diff --git a/tests/manytcp-too-few-tls.sh b/tests/manytcp-too-few-tls.sh
new file mode 100755
index 00000000..899a87dc
--- /dev/null
+++ b/tests/manytcp-too-few-tls.sh
@@ -0,0 +1,15 @@
+# test many concurrent tcp connections
+echo \[manytcp-too-few-tls.sh\]: test concurrent tcp connections
+source $srcdir/diag.sh init
+source $srcdir/diag.sh startup-vg manytcp-too-few-tls.conf
+echo wait for DH param generation -- NOT needed in v6!
+sleep 15
+# the config file specifies exactly 1100 connections
+source $srcdir/diag.sh tcpflood -c1000 -m40000
+# the sleep below is needed to prevent too-early termination of the tcp listener
+sleep 1
+source $srcdir/diag.sh shutdown-when-empty # shut down rsyslogd when done processing messages
+source $srcdir/diag.sh wait-shutdown-vg # we need to wait until rsyslogd is finished!
+source $srcdir/diag.sh check-exit-vg
+source $srcdir/diag.sh seq-check 0 39999
+source $srcdir/diag.sh exit
diff --git a/tests/testsuites/manytcp-too-few-tls.conf b/tests/testsuites/manytcp-too-few-tls.conf
new file mode 100644
index 00000000..5269e73b
--- /dev/null
+++ b/tests/testsuites/manytcp-too-few-tls.conf
@@ -0,0 +1,22 @@
+# Test for tcp "flood" testing
+# rgerhards, 2009-04-08
+$IncludeConfig diag-common.conf
+
+$ModLoad ../plugins/imtcp/.libs/imtcp
+$MainMsgQueueTimeoutShutdown 10000
+$MaxOpenFiles 200
+$InputTCPMaxSessions 1100
+# certificates
+$DefaultNetstreamDriverCAFile testsuites/x.509/ca.pem
+$DefaultNetstreamDriverCertFile testsuites/x.509/client-cert.pem
+$DefaultNetstreamDriverKeyFile testsuites/x.509/client-key.pem
+
+$DefaultNetstreamDriver gtls # use gtls netstream driver
+
+$InputTCPServerStreamDriverMode 1
+$InputTCPServerStreamDriverAuthMode anon
+$InputTCPServerRun 13514
+
+$template outfmt,"%msg:F,58:2%\n"
+$template dynfile,"rsyslog.out.log" # trick to use relative path names!
+:msg, contains, "msgnum:" ?dynfile;outfmt