aixiao/DenyIP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Add leak_detector_c

Browse Source
This commit is contained in:
aixiao
2025-04-24 10:01:18 +08:00
parent 1c28d55681
commit 6a4fb872f7
13 changed files with 337 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.vscode/settings.json vendored
View File

@@ -11,6 +11,7 @@
"errno.h": "c", "errno.h": "c",
"stdlib.h": "c", "stdlib.h": "c",
"string.h": "c", "string.h": "c",
"stat.h": "c" "stat.h": "c",
"leak_detector_c.h": "c"
} }
} }

4
Makefile
View File

@@ -68,7 +68,7 @@ ipquery:
cd IP_region_query && CGO_ENABLED=0 go build -ldflags '-w -s' && upx -9 ipquery cd IP_region_query && CGO_ENABLED=0 go build -ldflags '-w -s' && upx -9 ipquery
# 动态链接目标 # 动态链接目标
$(BIN): cap.o common.o ip2region/ip2region.o ip2region/xdb_searcher.o libipset.o libcurl.o cache.o $(BIN): cap.o common.o ip2region/ip2region.o ip2region/xdb_searcher.o libipset.o libcurl.o cache.o leak_detector_c/leak_detector_c.o
$(CC) $(CFLAGS) -o $(BIN) $^ -lpcap -lipset -lcurl -lcjson $(CC) $(CFLAGS) -o $(BIN) $^ -lpcap -lipset -lcurl -lcjson
# 静态链接目标 # 静态链接目标
@@ -81,4 +81,4 @@ static: cap.o common.o ip2region/ip2region.o ip2region/xdb_searcher.o libipset.o
# 清理目标 # 清理目标
clean: clean:
rm -rf $(BIN) IP_region_query/ipquery rm -rf $(BIN) IP_region_query/ipquery
rm -rf cap.o common.o ip2region/ip2region.o ip2region/xdb_searcher.o libipset.o libcurl.o cache.o rm -rf cap.o common.o ip2region/ip2region.o ip2region/xdb_searcher.o libipset.o libcurl.o cache.o leak_detector_c/leak_detector_c.o

3
cache.c
View File

@@ -88,6 +88,9 @@ void free_ip_cache()
cache_size = 0; cache_size = 0;
} }
char cn_ip[MAXIPSET_][MAXIPLEN] = { 0 }; char cn_ip[MAXIPSET_][MAXIPLEN] = { 0 };
// 添加一个 IP 到集合(如果已存在则不添加) // 添加一个 IP 到集合(如果已存在则不添加)

21
cap.c
View File

@@ -3,6 +3,7 @@
#include "libipset.h" #include "libipset.h"
#include "libcurl.h" #include "libcurl.h"
#include "cache.h" #include "cache.h"
#include "leak_detector_c/leak_detector_c.h"
pcap_if_t *alldevs, *device; pcap_if_t *alldevs, *device;
pcap_t *handle; // 会话句柄 pcap_t *handle; // 会话句柄
@@ -37,7 +38,7 @@ void Processing_IP_addresses(char *src_ip)
// 如果ipset规则已经存在则跳过查询 // 如果ipset规则已经存在则跳过查询
snprintf(ipset_query_command, sizeof(ipset_query_command), "ipset test %s %s 2>/dev/null", RULE_NAME, src_ip); snprintf(ipset_query_command, sizeof(ipset_query_command), "ipset test %s %s 2>/dev/null", RULE_NAME, src_ip);
if (system(ipset_query_command) == 0) { if (system(ipset_query_command) == 0) {
// _printf(RED "Ipset 规则内已经存在 %s\n" REDEND, src_ip); _printf(RED "Ipset 规则内已经存在 %s\n" REDEND, src_ip);
return; return;
} }
@@ -92,10 +93,10 @@ void Processing_IP_addresses(char *src_ip)
if (parse_json_to_struct(p, &response) == 0) { // 解析 JSON 到结构体 if (parse_json_to_struct(p, &response) == 0) { // 解析 JSON 到结构体
if (NULL == strstr(response.continent_country, "中国")) { // 这时是国外IP if (NULL == strstr(response.continent_country, "中国")) { // 这时是国外IP
_printf(RED "CurlGetIpArea(): %s %s\n" REDEND, src_ip, response.continent_country); _printf(RED "CurlGetIpArea(): %s %s\r\n" REDEND, src_ip, response.continent_country);
add_ip_to_ipset(RULE_NAME, src_ip); add_ip_to_ipset(RULE_NAME, src_ip);
} else { // 这时是国内IP } else { // 这时是国内IP
if (-1 == add_cn_ip(cn_ip, src_ip)) { // 添加国内IP到缓存 if (-1 == add_cn_ip(cn_ip, src_ip)) { // 添加国内IP到缓存
_printf(RED "add_cn_ip() Error!!! 错误:集合已满\n" REDEND); _printf(RED "add_cn_ip() Error!!! 错误:集合已满\n" REDEND);
} }
_printf("IP: %s 离线库为国外, API 判断为国内, 标记为已处理!!!\n", src_ip); _printf("IP: %s 离线库为国外, API 判断为国内, 标记为已处理!!!\n", src_ip);
@@ -113,11 +114,14 @@ void Processing_IP_addresses(char *src_ip)
} }
} }
if (ip2region_area != NULL) { if (ip2region_area != NULL) {
free(ip2region_area); free(ip2region_area);
ip2region_area = NULL; ip2region_area = NULL;
} }
dump_mem_leak();
return; return;
} }
@@ -199,7 +203,10 @@ void cleanup_(int signum)
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
atexit(report_mem_leak);
// 注册 SIGTERM 信号处理函数 // 注册 SIGTERM 信号处理函数
signal(SIGINT, cleanup_);
signal(SIGTERM, cleanup_); signal(SIGTERM, cleanup_);
int opt; int opt;
@@ -337,9 +344,12 @@ int main(int argc, char **argv)
if (create_ipset(RULE_NAME) != 0) { if (create_ipset(RULE_NAME) != 0) {
_printf("创建 IPSet %s 失败\n", RULE_NAME); _printf("创建 IPSet %s 失败\n", RULE_NAME);
} else { } else {
/*
char iptables_command[256]; char iptables_command[256];
sprintf(iptables_command, "iptables -I INPUT -m set --match-set %s src -j DROP", RULE_NAME); sprintf(iptables_command, "iptables -I INPUT -m set --match-set %s src -j DROP", RULE_NAME);
system(iptables_command); system(iptables_command);
*/
add_iptables_rule(RULE_NAME);
} }
} }
@@ -349,7 +359,7 @@ int main(int argc, char **argv)
} }
} }
sleep(3); // 每 3 秒检查一次 sleep(7); // 每 3 秒检查一次
} }
} }
@@ -406,6 +416,7 @@ int main(int argc, char **argv)
pcap_freecode(&fp); pcap_freecode(&fp);
pcap_freealldevs(alldevs); // 释放设备列表 pcap_freealldevs(alldevs); // 释放设备列表
pcap_close(handle); // 关闭会话句柄 pcap_close(handle); // 关闭会话句柄
return 0; return 0;
} }

2
cap.h
View File

@@ -24,7 +24,7 @@
#define REDEND "\033[0m" #define REDEND "\033[0m"
#define MAXIPSET 65535 #define MAXIPSET 65535
#define MAXIPSET_RULT_NAME_NUM 26 #define MAXIPSET_RULT_NAME_NUM 32
#define _VERSION "0.2" #define _VERSION "0.2"

BIN
leak_detector_c/a.out Normal file
View File

Binary file not shown.

197
leak_detector_c/leak_detector_c.c Normal file
View File

@@ -0,0 +1,197 @@
#include <stdio.h>
#include <malloc.h>
#include <string.h>
#include "leak_detector_c.h"
// 取消宏定义,使用原始 malloc/calloc/free
#undef malloc
#undef calloc
#undef free
// 全局链表起始与当前位置指针
static MEM_LEAK *ptr_start = NULL;
static MEM_LEAK *ptr_next = NULL;
/*
* 将分配的内存信息添加到链表中
*/
void add(MEM_INFO alloc_info)
{
MEM_LEAK *mem_leak_info = NULL;
// 分配一个新的链表节点
mem_leak_info = (MEM_LEAK *) malloc(sizeof(MEM_LEAK));
mem_leak_info->mem_info.address = alloc_info.address;
mem_leak_info->mem_info.size = alloc_info.size;
strcpy(mem_leak_info->mem_info.file_name, alloc_info.file_name);
mem_leak_info->mem_info.line = alloc_info.line;
mem_leak_info->next = NULL;
// 如果是第一个节点
if (ptr_start == NULL) {
ptr_start = mem_leak_info;
ptr_next = ptr_start;
} else {
// 添加到链表末尾
ptr_next->next = mem_leak_info;
ptr_next = ptr_next->next;
}
}
/*
* 根据位置索引从链表中删除内存记录
*/
void erase(unsigned pos)
{
unsigned index = 0;
MEM_LEAK *alloc_info, *temp;
// 删除第一个节点
if (pos == 0) {
MEM_LEAK *temp = ptr_start;
ptr_start = ptr_start->next;
free(temp);
} else {
// 删除中间或最后一个节点
for (index = 0, alloc_info = ptr_start; index < pos; alloc_info = alloc_info->next, ++index) {
if (pos == index + 1) {
temp = alloc_info->next;
alloc_info->next = temp->next;
free(temp);
break;
}
}
}
}
/*
* 清空链表中所有内存记录
*/
void clear()
{
MEM_LEAK *temp = ptr_start;
MEM_LEAK *alloc_info = ptr_start;
while (alloc_info != NULL) {
alloc_info = alloc_info->next;
free(temp);
temp = alloc_info;
}
}
/*
* 自定义 malloc 函数:分配内存并记录来源信息
*/
void *xmalloc(unsigned int size, const char *file, unsigned int line)
{
void *ptr = malloc(size);
if (ptr != NULL) {
add_mem_info(ptr, size, file, line);
}
return ptr;
}
/*
* 自定义 calloc 函数:分配并初始化内存,同时记录信息
*/
void *xcalloc(unsigned int elements, unsigned int size, const char *file, unsigned int line)
{
unsigned total_size;
void *ptr = calloc(elements, size);
if (ptr != NULL) {
total_size = elements * size;
add_mem_info(ptr, total_size, file, line);
}
return ptr;
}
/*
* 自定义 free 函数:释放内存前先移除记录
*/
void xfree(void *mem_ref)
{
remove_mem_info(mem_ref); // 移除记录
free(mem_ref); // 实际释放
}
/*
* 创建内存分配信息并添加到链表中
*/
void add_mem_info(void *mem_ref, unsigned int size, const char *file, unsigned int line)
{
MEM_INFO mem_alloc_info;
// 清空结构体,确保初始化干净
memset(&mem_alloc_info, 0, sizeof(mem_alloc_info));
mem_alloc_info.address = mem_ref;
mem_alloc_info.size = size;
strncpy(mem_alloc_info.file_name, file, FILE_NAME_LENGTH);
mem_alloc_info.line = line;
// 添加到链表中
add(mem_alloc_info);
}
/*
* 从链表中移除某段已释放的内存记录
*/
void remove_mem_info(void *mem_ref)
{
unsigned short index;
MEM_LEAK *leak_info = ptr_start;
// 遍历链表查找目标地址
for (index = 0; leak_info != NULL; ++index, leak_info = leak_info->next) {
if (leak_info->mem_info.address == mem_ref) {
erase(index); // 找到后删除
break;
}
}
}
/*
* 将所有未释放的内存信息写入输出文件
*/
void report_mem_leak(void)
{
MEM_LEAK *leak_info;
FILE *fp_write = fopen(OUTPUT_FILE, "wt");
if (fp_write != NULL) {
fprintf(fp_write, "Memory Leak Summary\n");
fprintf(fp_write, "-----------------------------------\n");
// 遍历所有未释放的记录,写入文件
for (leak_info = ptr_start; leak_info != NULL; leak_info = leak_info->next) {
fprintf(fp_write, "address : %p\n", leak_info->mem_info.address);
fprintf(fp_write, "size : %d bytes\n", leak_info->mem_info.size);
fprintf(fp_write, "file : %s\n", leak_info->mem_info.file_name);
fprintf(fp_write, "line : %d\n", leak_info->mem_info.line);
fprintf(fp_write, "-----------------------------------\n");
}
fclose(fp_write); // 关闭输出文件
}
clear(); // 清空链表,释放资源
}
void dump_mem_leak(void)
{
MEM_LEAK *leak_info;
leak_info = ptr_start;
if (leak_info != NULL) {
fprintf(stderr, "Memory Leak Snapshot\n");
fprintf(stderr, "-----------------------------------\n");
for (; leak_info != NULL; leak_info = leak_info->next) {
fprintf(stderr, "address : %p\n", leak_info->mem_info.address);
fprintf(stderr, "size : %d bytes\n", leak_info->mem_info.size);
fprintf(stderr, "file : %s\n", leak_info->mem_info.file_name);
fprintf(stderr, "line : %d\n", leak_info->mem_info.line);
fprintf(stderr, "-----------------------------------\n");
}
}
}

61
leak_detector_c/leak_detector_c.h Normal file
View File

@@ -0,0 +1,61 @@
#ifndef LEAK_DETECTOR_C_H
#define LEAK_DETECTOR_C_H
// 文件名最大长度
#define FILE_NAME_LENGTH 256
// 内存泄漏信息输出文件
#define OUTPUT_FILE "leak_info.txt"
// 用宏重定义 malloc、calloc 和 free为其添加文件名和行号信息
#define malloc(size) xmalloc (size, __FILE__, __LINE__)
#define calloc(elements, size) xcalloc (elements, size, __FILE__, __LINE__)
#define free(mem_ref) xfree(mem_ref)
// 用于记录每一次内存分配的信息结构体
struct _MEM_INFO {
void *address; // 分配的内存地址
unsigned int size; // 分配的大小
char file_name[FILE_NAME_LENGTH]; // 分配发生的文件名
unsigned int line; // 分配发生的代码行号
};
typedef struct _MEM_INFO MEM_INFO;
// 内存泄漏记录结构体,使用链表形式组织
struct _MEM_LEAK {
MEM_INFO mem_info; // 内存信息
struct _MEM_LEAK *next; // 指向下一个节点的指针
};
typedef struct _MEM_LEAK MEM_LEAK;
// 添加一条内存分配信息记录
void add(MEM_INFO alloc_info);
// 删除某个位置的内存记录
void erase(unsigned pos);
// 清空所有内存记录
void clear(void);
// 自定义 malloc记录内存分配位置
void *xmalloc(unsigned int size, const char *file, unsigned int line);
// 自定义 calloc记录内存分配位置
void *xcalloc(unsigned int elements, unsigned int size, const char *file, unsigned int line);
// 自定义 free在释放内存时移除记录
void xfree(void *mem_ref);
// 添加一条内存分配记录
void add_mem_info(void *mem_ref, unsigned int size, const char *file, unsigned int line);
// 移除某个内存记录(在调用 free 时使用)
void remove_mem_info(void *mem_ref);
// 生成内存泄漏报告
extern void report_mem_leak(void);
extern void dump_mem_leak(void);
#endif

12
leak_detector_c/leak_info.txt Normal file
View File

@@ -0,0 +1,12 @@
Memory Leak Summary
-----------------------------------
address : 0x7fffe6d502a0
size : 1 bytes
file : test.c
line : 8
-----------------------------------
address : 0x7fffe6d50520
size : 60 bytes
file : test.c
line : 14
-----------------------------------

20
leak_detector_c/test.c Normal file
View File

@@ -0,0 +1,20 @@
#include <malloc.h>
#include <stdlib.h>
#include "leak_detector_c.h"
int main()
{
atexit(report_mem_leak);
char *ptr1 = (char *)malloc(1);
int *ptr2 = (int *)calloc(1, sizeof(int));
float * ptr3 = (float *) calloc(15, sizeof(float));
free(ptr2);
dump_mem_leak();
return 0;
}

1
libcurl.c
View File

@@ -192,6 +192,7 @@ int parse_json_to_struct(const char *json_string, Response *response)
cJSON *root = cJSON_Parse(json_string); cJSON *root = cJSON_Parse(json_string);
if (!root) { if (!root) {
fprintf(stderr, "Error parsing JSON: %s\n", cJSON_GetErrorPtr()); fprintf(stderr, "Error parsing JSON: %s\n", cJSON_GetErrorPtr());
printf("%s\n", json_string);
return -1; return -1;
} }
// 解析字段 // 解析字段

21
libipset.c
View File

@@ -208,6 +208,27 @@ int get_ip_count_in_ipset(char *set_name)
return ip_count; return ip_count;
} }
void add_iptables_rule(const char *rule_name)
{
char iptables_command[256];
// 使用 snprintf 避免溢出
int written = snprintf(iptables_command, sizeof(iptables_command),
"iptables -I INPUT -m set --match-set %s src -j DROP", rule_name);
if (written < 0 || written >= sizeof(iptables_command)) {
fprintf(stderr, "Error: iptables command is too long.\n");
return;
}
// 执行命令并检查返回值
int ret = system(iptables_command);
if (ret != 0) {
fprintf(stderr, "Failed to execute iptables command: %s\n", iptables_command);
}
}
/* /*
int main() int main()
{ {

1
libipset.h
View File

@@ -13,5 +13,6 @@
extern int create_ipset(char *set_name); extern int create_ipset(char *set_name);
extern int add_ip_to_ipset(char *set_name, char *ip); extern int add_ip_to_ipset(char *set_name, char *ip);
extern int get_ip_count_in_ipset(char *set_name); extern int get_ip_count_in_ipset(char *set_name);
extern void add_iptables_rule(const char *rule_name);
#endif #endif