From 7464514ca5e825ada31522b63a33e02d62a0a248 Mon Sep 17 00:00:00 2001
From: Peter Zhu <peter@peterzhu.ca>
Date: Thu, 25 Jul 2024 15:28:25 -0400
Subject: Fix memory leak in String#start_with? when regexp times out

[Bug #20653]

This commit refactors how Onigmo handles timeout. Instead of raising a
timeout error, onig_search will return a ONIGERR_TIMEOUT which the
caller can free memory, and then raise a timeout error.

This fixes a memory leak in String#start_with when the regexp times out.
For example:

    regex = Regexp.new("^#{"(a*)" * 10_000}x$", timeout: 0.000001)
    str = "a" * 1000000 + "x"

    10.times do
      100.times do
        str.start_with?(regex)
      rescue
      end

      puts `ps -o rss= -p #{$$}`
    end

Before:

    33216
    51936
    71152
    81728
    97152
    103248
    120384
    133392
    133520
    133616

After:

    14912
    15376
    15824
    15824
    16128
    16128
    16144
    16144
    16160
    16160
---
 regexec.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'regexec.c')

diff --git a/regexec.c b/regexec.c
index 9833eeff25..cd3f5daff5 100644
--- a/regexec.c
+++ b/regexec.c
@@ -5575,8 +5575,7 @@ onig_search_gpos(regex_t* reg, const UChar* str, const UChar* end,
 
 timeout:
   MATCH_ARG_FREE(msa);
-  onig_region_free(region, false);
-  HANDLE_REG_TIMEOUT_IN_MATCH_AT;
+  return ONIGERR_TIMEOUT;
 }
 
 extern OnigPosition
-- 
cgit v1.2.3