RT RT/krbdev.mit.edu: Ticket #6844 Memory leak in save_error_string_nocopy() Signed in as guest.
[Logout]

[Home] [Search] [Configuration]

[Display] [History] [Basics] [Dates] [People] [Links] [Jumbo]

 
 

 The Basics  
Id
6844
Status
resolved
Worked
0 min
Priority
0/0
Queue
krb5
 

 Keyword Selections  
Component
Tags
Version_reported
Version_Fixed
  • 1.9.2
Target_Version
  • 1.9.2
 

 Relationships  
Depends on:
Depended on by:
Parents:
Children:

Refers to:
Referred to by:
 
 Dates  
Created: Tue Dec 14 22:32:38 2010
Starts: Not set
Started: Tue Mar 8 15:53:56 2011
Last Contact: Thu Jun 9 17:08:29 2011
Due: Not set
Updated: Wed Dec 16 18:02:56 2015 by tlyu
 

 People  
Owner
 tlyu
Requestors
 aberry@likewise.com, TIMOFEY.POZDEEV@saic.com
Cc
 
AdminCc
 
 

 More about "Arlene Berry"  
Comments about this user:
No comment entered about this user
This user's 25 highest priority tickets:
 
 More about Tim Pozdeev  
Comments about this user:
No comment entered about this user
This user's 25 highest priority tickets:
 

History   Display mode: [Brief headers] [Full headers]
      Tue Dec 14 22:32:38 2010  TIMOFEY.POZDEEV@saic.com - Ticket created    
     
Subject: Memory leak in save_error_string_nocopy()
From: Tim Pozdeev <TIMOFEY.POZDEEV@saic.com>
To: krb5-bugs@mit.edu
Date: Wed, 15 Dec 2010 13:49:55 +1100

krb5 version 1.8.3. It also applies to version 1.7.x.

There is a memory leak in save_error_string_nocopy() in disp_status.c.

Using umem and gcore leak detection under Solaris highlights the
following leak.

umem_alloc_16 leak: 84 buffers, 16 bytes each, 1344 bytes total
            ADDR          BUFADDR        TIMESTAMP           THREAD
                            CACHE          LASTLOG         CONTENTS
         592b7e0          5929750   1b4ec693e03bcb              172
                          226a028          221ac00                0
                 libumem.so.1`umem_cache_alloc_debug+0x12b
                 libumem.so.1`umem_cache_alloc+0xc8
                 libumem.so.1`umem_alloc+0xaf
                 libumem.so.1`malloc+0x2e
                 libgssapi_krb5.so.2`gss_krb5_save_error_string_nocopy
+0x2e
                 libgssapi_krb5.so.2`krb5_gss_save_error_string+0x2f
                 libgssapi_krb5.so.2`krb5_gss_save_error_info+0x2b
                 libgssapi_krb5.so.2`krb5_gss_validate_cred+0x6e
                 libgssapi_krb5.so.2`krb5_gss_init_sec_context+0x175
                 libgssapi_krb5.so.2`gss_init_sec_context+0x27c

The memory allocated on line 81 (in disp_status.c) never gets freed.

79:    p = k5_getspecific(K5_KEY_GSS_KRB5_ERROR_MESSAGE);
80:    if (!p) {
81:        p = malloc(sizeof(*p));   <<<--- here
82:        if (p == NULL) {
83:            ret = 1;


The fix is to free the memory in krb5_gss_delete_error_info():

--- disp_status.c       Tue Dec  8 11:04:48 2009
+++ disp_status.c-fixed Wed Dec 15 12:00:12 2010
@@ -148,6 +148,7 @@
 void krb5_gss_delete_error_info(void *p)
 {
     gsserrmap_destroy(p);
+    free(p);
 }

 /**/

Tim



Download (untitled) 1.6k
      Thu Dec 23 18:29:05 2010  aberry@likewise.com - Ticket 6846: Ticket created    
     
Subject: memory leak in gss krb5 error messaging
Date: Wed, 22 Dec 2010 17:35:43 -0500
From: "Arlene Berry" <aberry@likewise.com>
To: <krb5-bugs@mit.edu>

 

     
Memory allocated by save_error_string_nocopy in
src/lib/gssapi/krb5/disp_status.c is not being freed.  This fixed it:



Index: src/lib/gssapi/krb5/disp_status.c

===================================================================

--- src/lib/gssapi/krb5/disp_status.c        (revision 53585)

+++ src/lib/gssapi/krb5/disp_status.c     (working copy)

@@ -148,6 +148,7 @@

void krb5_gss_delete_error_info(void *p)

{

     gsserrmap_destroy(p);

+    free(p);

}

 /**/


Download (untitled) 473b
     
 
Download (untitled) 2.8k
      Tue Feb 22 14:52:27 2011  tlyu - Ticket 6846: Ticket 6846 MergedInto ticket 6844.    
      Tue Mar  8 15:53:55 2011  tlyu - Given to tlyu    
      Tue Mar  8 15:53:56 2011  tlyu - Target_Version 1.9.1 added    
      Tue Mar  8 15:53:56 2011  tlyu - Status changed from new to review    
      Tue Mar  8 15:53:56 2011  tlyu - Tags pullup added    
      Tue Mar  8 15:53:56 2011  tlyu - Correspondence added    
     
From: tlyu@mit.edu
Subject: SVN Commit


Fix a memory leak independently found by Tim Pozdeev and Arlene Berry.

This change should be pulled up to the 1.8 and 1.7 branches as well.

https://github.com/krb5/krb5/commit/4ca8ca682f903d7fcc0e2c4bf6e116245ef8b7b4
Commit By: tlyu
Revision: 24693
Changed Files:
U   trunk/src/lib/gssapi/krb5/disp_status.c


Download (untitled) 311b
      Thu Jun  9 17:08:29 2011  tlyu - Target_Version 1.9.1 changed to 1.9.2    
      Thu Jun  9 17:08:29 2011  tlyu - Status changed from review to resolved    
      Thu Jun  9 17:08:29 2011  tlyu - Version_Fixed 1.9.2 added    
      Thu Jun  9 17:08:29 2011  tlyu - Correspondence added    
     
From: tlyu@mit.edu
Subject: SVN Commit


pull up r24693 from trunk

 ------------------------------------------------------------------------
 r24693 | tlyu | 2011-03-08 15:53:55 -0500 (Tue, 08 Mar 2011) | 8 lines

 ticket: 6844
 tags: pullup
 target_version: 1.9.1

 Fix a memory leak independently found by Tim Pozdeev and Arlene Berry.

 This change should be pulled up to the 1.8 and 1.7 branches as well.

https://github.com/krb5/krb5/commit/58dbfb1cd42c3a3e79ca7894055663854e41773d
Commit By: tlyu
Revision: 24948
Changed Files:
U   branches/krb5-1-9/src/lib/gssapi/krb5/disp_status.c


Download (untitled) 551b
      Wed Dec 16 18:02:56 2015  tlyu - Keyword pullup deleted