From 1cb16c0457e8eb7c94facd2b9388c4993906b229 Mon Sep 17 00:00:00 2001
From: Mike Dalessio
Date: Mon, 20 Nov 2023 18:44:11 -0500
Subject: [PATCH 1/2] test: use /proc/self to measure rss in the memory leak suite minitest-parallel_fork creates new runner processes, so the constant created using Process.pid is out of date.
---
 test/test_memory_leak.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/test/test_memory_leak.rb b/test/test_memory_leak.rb
index d337645f3ed..cb00ca6ba32 100644
--- a/test/test_memory_leak.rb
+++ b/test/test_memory_leak.rb
@@ -336,7 +336,8 @@ module MemInfo
 rescue
 4096
 end
- STATM_PATH = "/proc/#{Process.pid}/statm"
+
+ STATM_PATH = "/proc/self/statm"
 STATM_FOUND = File.exist?(STATM_PATH)
 def self.rss
From 84f1706bdfcc5f638cf6ebe65fec3ec7ed6c1b96 Mon Sep 17 00:00:00 2001
From: Mike Dalessio
Date: Mon, 20 Nov 2023 18:45:23 -0500
Subject: [PATCH 2/2] fix: gumbo memory leak on abandoned tags found by the fuzzer
---
 gumbo-parser/src/tokenizer.c | 1 +
 test/test_memory_leak.rb | 14 ++++++++++++++
 2 files changed, 15 insertions(+)
diff --git a/gumbo-parser/src/tokenizer.c b/gumbo-parser/src/tokenizer.c
index 015e02a2ff8..5aa51e23d8d 100644
--- a/gumbo-parser/src/tokenizer.c
+++ b/gumbo-parser/src/tokenizer.c
@@ -506,6 +506,7 @@ static void abandon_current_tag(GumboParser* parser) {
 for (unsigned int i = 0; i < tag_state->_attributes.length; ++i) {
 gumbo_destroy_attribute(tag_state->_attributes.data[i]);
 }
+ gumbo_free(tag_state->_name);
 gumbo_free(tag_state->_attributes.data);
 mark_tag_state_as_empty(tag_state);
 gumbo_string_buffer_destroy(&tag_state->_buffer);
diff --git a/test/test_memory_leak.rb b/test/test_memory_leak.rb
index cb00ca6ba32..27850f1f727 100644
--- a/test/test_memory_leak.rb
+++ b/test/test_memory_leak.rb
@@ -270,6 +270,20 @@ def test_leaking_dtd_nodes_after_internal_subset_removal
 puts
 end
 end
+
+ describe "libgumbo abandoned tag" do
+ it "should not leak the tag name" do
+ html = <<~HTML
+
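Review bot: `STATM_PATH` has no comment saying why it points at `/proc/self` rather than a pid-based path; that reason is recorded only in the commit message. According to that message, the constant built from `Process.pid` went stale in the runner processes created by minitest-parallel_fork, so a later tidy-up back to the pid form would quietly measure the wrong process again. A one-line comment above the constant would prevent that: `# /proc/self is resolved by whichever process reads it, so forked test runners measure their own RSS`. The `MemInfo` module starts and ends outside this hunk.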
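Review bot: The added `gumbo_free(tag_state->_name);` in `abandon_current_tag` does not clear the pointer, so the fix is only safe if `mark_tag_state_as_empty(tag_state)` two lines later resets `_name`. That helper's body is not in this hunk, so this should be confirmed. If it does not clear the pointer, a later path that frees or reads the tag name would turn the leak into a double free or use-after-free on parser input. Clearing it next to the free with `tag_state->_name = NULL;`, or adding a comment such as `/* _name is reset by mark_tag_state_as_empty() below */`, would make the ownership visible here. The function body starts and ends outside the hunk.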