commit fbe1c835b2b02a96baf7e88527a3fa6ee070234e
parent 7f9b410904b4e93c2c20071396a745198ca63ea1
Author: Evgeny Grin (Karlson2k) <k2k@drgrin.dev>
Date: Sun, 20 Jul 2025 22:19:39 +0200
Destroy response, if it was used to create an action, but then not used
Application may use response to create an action, but then use abort
action or just some wrong action.
Perform response cleanup in all paths.
Diffstat:
2 files changed, 56 insertions(+), 0 deletions(-)
diff --git a/src/mhd2/action.c b/src/mhd2/action.c
@@ -72,6 +72,7 @@ MHD_action_from_response (struct MHD_Request *MHD_RESTRICT request,
if (mhd_ACTION_NO_ACTION != head_act->act)
{
+ /* Clean-up unused response */
mhd_response_dec_use_count (response);
return (const struct MHD_Action *) NULL;
}
@@ -80,6 +81,7 @@ MHD_action_from_response (struct MHD_Request *MHD_RESTRICT request,
! mhd_D_HAS_AUTH_DIGEST ( \
mhd_CNTNR_CPTR (request, struct MHD_Connection, rq)->daemon))
{
+ /* Clean-up unused response */
mhd_response_dec_use_count (response);
mhd_LOG_MSG (mhd_CNTNR_PTR (request, struct MHD_Connection, rq)->daemon, \
MHD_SC_AUTH_DIGEST_UNSUPPORTED, \
@@ -276,6 +278,7 @@ MHD_upload_action_from_response (struct MHD_Request *MHD_RESTRICT request,
if (mhd_UPLOAD_ACTION_NO_ACTION != upl_act->act)
{
+ /* Clean-up unused response */
mhd_response_dec_use_count (response);
return (const struct MHD_UploadAction *) NULL;
}
@@ -284,6 +287,7 @@ MHD_upload_action_from_response (struct MHD_Request *MHD_RESTRICT request,
! mhd_D_HAS_AUTH_DIGEST ( \
mhd_CNTNR_CPTR (request, struct MHD_Connection, rq)->daemon))
{
+ /* Clean-up unused response */
mhd_response_dec_use_count (response);
mhd_LOG_MSG (mhd_CNTNR_PTR (request, struct MHD_Connection, rq)->daemon, \
MHD_SC_AUTH_DIGEST_UNSUPPORTED, \
diff --git a/src/mhd2/stream_process_request.c b/src/mhd2/stream_process_request.c
@@ -58,6 +58,7 @@
#include "mempool_funcs.h"
+#include "response_destroy.h"
#include "request_funcs.h"
#include "request_get_value.h"
#include "respond_with_error.h"
@@ -3013,6 +3014,34 @@ mhd_stream_call_app_request_cb (struct MHD_Connection *restrict c)
mhd_LOG_MSG (d, MHD_SC_ACTION_INVALID, \
"Provided action is not a correct action generated " \
"for the current request.");
+ /* Perform cleanup of the created but now unused action */
+ switch (c->rq.app_act.head_act.act)
+ {
+ case mhd_ACTION_RESPONSE:
+ mhd_assert (NULL != c->rq.app_act.head_act.data.response);
+ mhd_response_dec_use_count (c->rq.app_act.head_act.data.response);
+ break;
+ case mhd_ACTION_UPLOAD:
+ case mhd_ACTION_SUSPEND:
+ /* No cleanup needed */
+ break;
+#ifdef MHD_SUPPORT_POST_PARSER
+ case mhd_ACTION_POST_PARSE:
+ /* No cleanup needed */
+ break;
+#endif /* MHD_SUPPORT_POST_PARSER */
+#ifdef MHD_SUPPORT_UPGRADE
+ case mhd_ACTION_UPGRADE:
+ /* No cleanup needed */
+ break;
+#endif /* MHD_SUPPORT_UPGRADE */
+ case mhd_ACTION_ABORT:
+ mhd_UNREACHABLE ();
+ break;
+ case mhd_ACTION_NO_ACTION:
+ default:
+ break;
+ }
a = NULL;
}
if (NULL == a)
@@ -3109,6 +3138,29 @@ mhd_stream_process_upload_action (struct MHD_Connection *restrict c,
(final &&
(mhd_UPLOAD_ACTION_CONTINUE == c->rq.app_act.upl_act.act)))
{
+ /* Perform cleanup of the created but now unused action */
+ switch (c->rq.app_act.upl_act.act)
+ {
+ case mhd_UPLOAD_ACTION_RESPONSE:
+ mhd_assert (NULL != c->rq.app_act.upl_act.data.response);
+ mhd_response_dec_use_count (c->rq.app_act.upl_act.data.response);
+ break;
+ case mhd_UPLOAD_ACTION_CONTINUE:
+ case mhd_UPLOAD_ACTION_SUSPEND:
+ /* No cleanup needed */
+ break;
+ #ifdef MHD_SUPPORT_UPGRADE
+ case mhd_UPLOAD_ACTION_UPGRADE:
+ /* No cleanup needed */
+ break;
+ #endif /* MHD_SUPPORT_UPGRADE */
+ case mhd_UPLOAD_ACTION_ABORT:
+ mhd_UNREACHABLE ();
+ break;
+ case mhd_UPLOAD_ACTION_NO_ACTION:
+ default:
+ break;
+ }
mhd_LOG_MSG (c->daemon, MHD_SC_UPLOAD_ACTION_INVALID, \
"Provided action is not a correct action generated " \
"for the current request.");
