Bug #5417
closedflow memory leak
Description
when I user t-rex tester make http traffic crossing suricata, most of the flow created by suricata always can not time out. These traffic can be processd normally by netfilter conntract, and all conntrackt can time out nomally.
I found it result by FlowForceReassemblyForFlow(f, server, client) called in FlowManagerFlowTimedOut(Flow *f, struct timeval *ts), the FlowForceReassemblyForFlow will product some pseudo packets and inject them to tv->stream_pq.
But these packets who referent to flow will always can not be released from tv->stream_pq until the surcata thread end in TmThreadTimeoutLoop.
So if the suricata worker thread not end all the flows can not be time out because who referent count using by these pseudo packets.
Why suricata does that as above?
Updated by Victor Julien almost 2 years ago
- Subject changed from flow memry leak to flow memory leak
- Priority changed from Urgent to Normal
Suricata 4.1 is EOL, and has been for quite some time. Please try 6.0.5.
Updated by Victor Julien almost 2 years ago
- Status changed from New to Closed
- Target version deleted (
TBD)
Updated by Victor Julien over 1 year ago
- Related to Bug #5418: http app memory leak added