!33 backport fix memory leak that occurs on JSON parsing error

From: @ikernel-mryao 
Reviewed-by: @Charlie_li 
Signed-off-by: @Charlie_li

mod_security.spec

@@ -7,7 +7,7 @@
 
 Name: mod_security
 Version: 2.9.5
-Release: 5
+Release: 6
 Summary: Security module for the Apache HTTP Server
 License: ASL 2.0
 URL: http://www.modsecurity.org/
@@ -19,6 +19,7 @@ Patch0000: modsecurity-2.9.5-lua-54.patch
 Patch0001: modsecurity-2.9.5-use-uid-if-user-name-is-not-available.patch
 Patch0002: modsecurity-2.9.5-Properly-cleanup-XML-parser-contexts-upon-completion.patch
 Patch0003: modsecurity-2.9.5-Add-SecRequestBodyJsonDepthLimit-to-modsecurity.conf.patch
+Patch0004: modsecurity-2.9.5-Fix-memory-leak-that-occurs-on-JSON-parsing-error.patch
 
 Requires: httpd httpd-mmn = %{_httpd_mmn}
 BuildRequires: gcc make perl-generators httpd-devel yajl yajl-devel
@@ -101,6 +102,9 @@ install -m0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load
 %endif
 
 %changelog
+* Sat Jan 7 2023 yaoguangzhong <yaoguangzhong@xfusion.com> - 2.9.5-6
+- backport fix memory leak that occurs on JSON parsing error
+
 * Sat Jan 7 2023 yaoguangzhong <yaoguangzhong@xfusion.com> - 2.9.5-5
 - backport Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended
 

modsecurity-2.9.5-Fix-memory-leak-that-occurs-on-JSON-parsing-error.patch

@@ -0,0 +1,48 @@
+From 0951ccdfa2eee85e71ddcec6a45c87ce37772c69 Mon Sep 17 00:00:00 2001
+From: yaoguangzhong <yaoguangzhong@xfusion.com>
+Date: Sat, 7 Jan 2023 15:02:18 +0800
+Subject: [PATCH] Fix memory leak that occurs on JSON parsing error
+
+From Author: Martin Vierula <martin.vierula@trustwave.com>
+commit c6582df2e5e3a92ba4b90e2a6cfaeb89f61bcadf
+---
+ apache2/msc_json.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/apache2/msc_json.c b/apache2/msc_json.c
+index d69e9eb..cbaab0e 100644
+--- a/apache2/msc_json.c
++++ b/apache2/msc_json.c
+@@ -351,11 +351,12 @@ int json_process_chunk(modsec_rec *msr, const char *buf, unsigned int size, char
+     /* Feed our parser and catch any errors */
+     msr->json->status = yajl_parse(msr->json->handle, buf, size);
+     if (msr->json->status != yajl_status_ok) {
+-        /* We need to free the yajl error message later, how to do this? */
+ 	if (msr->json->depth_limit_exceeded) {
+            *error_msg = "JSON depth limit exceeded";
+ 	} else {
+-           *error_msg = yajl_get_error(msr->json->handle, 0, NULL, 0);
++           char *yajl_err = yajl_get_error(msr->json->handle, 0, buf, size);
++           *error_msg = apr_pstrdup(msr->mp, yajl_err);
++           yajl_free_error(msr->json->handle, yajl_err);
+ 	}
+         return -1;
+     }
+@@ -375,11 +376,12 @@ int json_complete(modsec_rec *msr, char **error_msg) {
+     /* Wrap up the parsing process */
+     msr->json->status = yajl_complete_parse(msr->json->handle);
+     if (msr->json->status != yajl_status_ok) {
+-        /* We need to free the yajl error message later, how to do this? */
+ 	if (msr->json->depth_limit_exceeded) {
+            *error_msg = "JSON depth limit exceeded";
+ 	} else {
+-           *error_msg = yajl_get_error(msr->json->handle, 0, NULL, 0);
++           char *yajl_err = yajl_get_error(msr->json->handle, 0, NULL, 0);
++            *error_msg = apr_pstrdup(msr->mp, yajl_err);
++            yajl_free_error(msr->json->handle, yajl_err);
+ 	}
+ 
+         return -1;
+-- 
+2.27.0
+