🐛 Use memory pool to create large array

ADD-SP · ADD-SP · commit b6d8e7340302 · 2020-08-10T23:03:35.000+08:00
diff --git a/inc/ngx_http_waf_module.h b/inc/ngx_http_waf_module.h
@@ -24,6 +24,8 @@
 #define TRUE (1)
 #define FALSE (0)
 
+
+#define RULE_MAX_LEN (256 * 4 * 8)
 #define INITIAL_SIZE (sizeof(hash_table_item_int_ulong_t) * 60000)
 
 /* 检查对应文件是否存在，如果存在则根据 mode 的值将数据处理后存入数组中 */
diff --git a/src/ngx_http_waf_module.c b/src/ngx_http_waf_module.c
@@ -92,7 +92,7 @@ static char* ngx_http_waf_rule_path_conf(ngx_conf_t* cf, ngx_command_t* cmd, voi
         return NGX_CONF_ERROR;
     }
 
-    char full_path[256 * 4 * 8];
+    char* full_path = ngx_palloc(cf->pool, sizeof(char) * RULE_MAX_LEN);
     char* end = to_c_str((u_char*)full_path, srv_conf->ngx_waf_rule_path);
 
     CHECK_AND_LOAD_CONF(cf, full_path, end, IPV4_FILE, srv_conf->block_ipv4, 1);
@@ -104,6 +104,7 @@ static char* ngx_http_waf_rule_path_conf(ngx_conf_t* cf, ngx_command_t* cmd, voi
     CHECK_AND_LOAD_CONF(cf, full_path, end, WHITE_URL_FILE, srv_conf->white_url, 0);
     CHECK_AND_LOAD_CONF(cf, full_path, end, WHITE_REFERER_FILE, srv_conf->white_referer, 0);
 
+    ngx_pfree(cf->pool, full_path);
     return NGX_CONF_OK;
 }
 
@@ -303,6 +304,7 @@ static ngx_int_t check_cc_ipv4(ngx_http_request_t* r, ngx_http_waf_srv_conf_t* s
     return FAIL;
 }
 
+
 static ngx_int_t free_hash_table(ngx_http_request_t* r, ngx_http_waf_srv_conf_t* srv_conf) {
     hash_table_item_int_ulong_t* p = NULL;
     int count = 0;
@@ -413,11 +415,11 @@ static ngx_int_t check_ipv4(unsigned long ip, ngx_array_t* a) {
 static ngx_int_t load_into_array(ngx_conf_t* cf, const char* file_name, ngx_array_t* ngx_array, ngx_int_t mode) {
     FILE* fp = fopen(file_name, "r");
     ngx_str_t line;
-    char str[256 * 4 * 8];
+    char* str = ngx_palloc(cf->pool, sizeof(char) * RULE_MAX_LEN);
     if (fp == NULL) {
         return FAIL;
     }
-    while (fgets(str, 256 * 4 * 8, fp) != NULL) {
+    while (fgets(str, RULE_MAX_LEN - 16, fp) != NULL) {
         ngx_regex_compile_t   rc;
         u_char                errstr[NGX_MAX_CONF_ERRSTR];
         ngx_regex_elt_t* ngx_regex_elt;
@@ -450,6 +452,7 @@ static ngx_int_t load_into_array(ngx_conf_t* cf, const char* file_name, ngx_arra
         }
     }
     fclose(fp);
+    ngx_pfree(cf->pool, str);
     return SUCCESS;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -92,7 +92,7 @@ static char* ngx_http_waf_rule_path_conf(ngx_conf_t* cf, ngx_command_t* cmd, voi`
`92`	`92`	`return NGX_CONF_ERROR;`
`93`	`93`	`}`
`94`	`94`
`95`		`- char full_path[256 * 4 * 8];`
	`95`	`+ char* full_path = ngx_palloc(cf->pool, sizeof(char) * RULE_MAX_LEN);`
`96`	`96`	`char* end = to_c_str((u_char*)full_path, srv_conf->ngx_waf_rule_path);`
`97`	`97`
`98`	`98`	`CHECK_AND_LOAD_CONF(cf, full_path, end, IPV4_FILE, srv_conf->block_ipv4, 1);`
`@@ -104,6 +104,7 @@ static char* ngx_http_waf_rule_path_conf(ngx_conf_t* cf, ngx_command_t* cmd, voi`
`104`	`104`	`CHECK_AND_LOAD_CONF(cf, full_path, end, WHITE_URL_FILE, srv_conf->white_url, 0);`
`105`	`105`	`CHECK_AND_LOAD_CONF(cf, full_path, end, WHITE_REFERER_FILE, srv_conf->white_referer, 0);`
`106`	`106`
	`107`	`+ ngx_pfree(cf->pool, full_path);`
`107`	`108`	`return NGX_CONF_OK;`
`108`	`109`	`}`
`109`	`110`
`@@ -303,6 +304,7 @@ static ngx_int_t check_cc_ipv4(ngx_http_request_t* r, ngx_http_waf_srv_conf_t* s`
`303`	`304`	`return FAIL;`
`304`	`305`	`}`
`305`	`306`
	`307`	`+`
`306`	`308`	`static ngx_int_t free_hash_table(ngx_http_request_t* r, ngx_http_waf_srv_conf_t* srv_conf) {`
`307`	`309`	`hash_table_item_int_ulong_t* p = NULL;`
`308`	`310`	`int count = 0;`
`@@ -413,11 +415,11 @@ static ngx_int_t check_ipv4(unsigned long ip, ngx_array_t* a) {`
`413`	`415`	`static ngx_int_t load_into_array(ngx_conf_t* cf, const char* file_name, ngx_array_t* ngx_array, ngx_int_t mode) {`
`414`	`416`	`FILE* fp = fopen(file_name, "r");`
`415`	`417`	`ngx_str_t line;`
`416`		`- char str[256 * 4 * 8];`
	`418`	`+ char* str = ngx_palloc(cf->pool, sizeof(char) * RULE_MAX_LEN);`
`417`	`419`	`if (fp == NULL) {`
`418`	`420`	`return FAIL;`
`419`	`421`	`}`
`420`		`- while (fgets(str, 256 * 4 * 8, fp) != NULL) {`
	`422`	`+ while (fgets(str, RULE_MAX_LEN - 16, fp) != NULL) {`
`421`	`423`	`ngx_regex_compile_t rc;`
`422`	`424`	`u_char errstr[NGX_MAX_CONF_ERRSTR];`
`423`	`425`	`ngx_regex_elt_t* ngx_regex_elt;`
`@@ -450,6 +452,7 @@ static ngx_int_t load_into_array(ngx_conf_t* cf, const char* file_name, ngx_arra`
`450`	`452`	`}`
`451`	`453`	`}`
`452`	`454`	`fclose(fp);`
	`455`	`+ ngx_pfree(cf->pool, str);`
`453`	`456`	`return SUCCESS;`
`454`	`457`	`}`
`455`	`458`