backport upstreams to fixed memory leak on configuration reload with PCRE2

(cherry picked from commit a85820d9c4cdc018dcd955631298614b33e9f169)

backport-Core-fixed-memory-leak-on-configuration-reload-with-PCRE2.patch

@@ -0,0 +1,54 @@
+From 284a0c73771e3a2c57af6e74d96d9a6878b2e7b4 Mon Sep 17 00:00:00 2001
+From: Maxim Dounin <mdounin@mdounin.ru>
+Date: Tue, 17 Oct 2023 02:39:38 +0300
+Subject: [PATCH] Core: fixed memory leak on configuration reload with PCRE2.
+
+In ngx_regex_cleanup() allocator wasn't configured when calling
+pcre2_compile_context_free() and pcre2_match_data_free(), resulting
+in no ngx_free() call and leaked memory.  Fix is ensure that allocator
+is configured for global allocations, so that ngx_free() is actually
+called to free memory.
+
+Additionally, ngx_regex_compile_context was cleared in
+ngx_regex_module_init().  It should be either not cleared, so it will
+be freed by ngx_regex_cleanup(), or properly freed.  Fix is to
+not clear it, so ngx_regex_cleanup() will be able to free it.
+
+Reported by ZhenZhong Wu,
+https://mailman.nginx.org/pipermail/nginx-devel/2023-September/3Z5FIKUDRN2WBSL3JWTZJ7SXDA6YIWPB.html
+---
+ src/core/ngx_regex.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/ngx_regex.c b/src/core/ngx_regex.c
+index 91381f49942..5b13c5db389 100644
+--- a/src/core/ngx_regex.c
++++ b/src/core/ngx_regex.c
+@@ -600,6 +600,8 @@ ngx_regex_cleanup(void *data)
+      * the new cycle, these will be re-allocated.
+      */
+ 
++    ngx_regex_malloc_init(NULL);
++
+     if (ngx_regex_compile_context) {
+         pcre2_compile_context_free(ngx_regex_compile_context);
+         ngx_regex_compile_context = NULL;
+@@ -611,6 +613,8 @@ ngx_regex_cleanup(void *data)
+         ngx_regex_match_data_size = 0;
+     }
+ 
++    ngx_regex_malloc_done();
++
+ #endif
+ }
+ 
+@@ -706,9 +710,6 @@ ngx_regex_module_init(ngx_cycle_t *cycle)
+     ngx_regex_malloc_done();
+ 
+     ngx_regex_studies = NULL;
+-#if (NGX_PCRE2)
+-    ngx_regex_compile_context = NULL;
+-#endif
+ 
+     return NGX_OK;
+ }

nginx.spec

@@ -17,7 +17,7 @@
 Name:              nginx
 Epoch:             1
 Version:           1.24.0
-Release:           4
+Release:           5
 Summary:           A HTTP server, reverse proxy and mail proxy server
 License:           BSD
 URL:               http://nginx.org/
@@ -44,6 +44,7 @@ Patch3:            backport-CVE-2023-44487.patch
 Patch4:            backport-CVE-2024-7347.patch
 Patch5:            backport-CVE-2025-23419.patch
 Patch6:            backport-Fixed-segfault-if-regex-studies-list-allocation-fails.patch
+Patch7:            backport-Core-fixed-memory-leak-on-configuration-reload-with-PCRE2.patch
 
 BuildRequires:     gcc openssl-devel pcre2-devel zlib-devel systemd gperftools-devel
 Requires:          nginx-filesystem = %{epoch}:%{version}-%{release} openssl
@@ -391,6 +392,9 @@ fi
 %{_mandir}/man8/nginx.8*
 
 %changelog
+* Wed Apr 02 2025 gaihuiying <eaglegai@163.com> - 1:1.24.0-5
+- backport upstreams to fixed memory leak on configuration reload with PCRE2
+
 * Wed Apr 02 2025 gaihuiying <eaglegai@163.com> - 1:1.24.0-4
 - backport upstreams to fix possible segfault