Originator:     Corene Casper

Organization:   Dell EMC

Confidential:   no

Synopsis:       memory leak via krb5_rc_none_close

Severity:       non-critical

Priority:       low

Category:       krb5-libs

Class:          sw-bug

Release:        1.14


        system:  Isilon OneFS v8.1.0  (freebsd-11.0 based)

        machine: amd64


        When using the krb5_rc_none_ops cache type, a k5_mutex_t structure

        is being leaked on every close.  We've run into the case where our

        application has been up for long enough that it finally ran

        the system out of memory due to this leak.


        Configure your system so it uses "none" rc cache type and then

        exercise that code path repeatedly and observe process slowly

        grow in size.

        (In our case, this was in our SMB server code.  With Kerberos

        configured, each SESSION_SETUP user authentication resulted

        in a leak of one k5_mutex_t).

Fix:    one-line patch to krb5_rc_none_close, to add the k5_mutex_destroy()


*** isilon/fsp/krb5/src/lib/krb5/rcache/rc_none.c       2019-02-13 15:22:42.251051611 -0800

--- /tmp/NDbjMy_rc_none.c       2019-02-13 15:23:46.331514547 -0800


*** 50,56 ****

  static krb5_error_code KRB5_CALLCONV

  krb5_rc_none_close(krb5_context ctx, krb5_rcache rc)


-     k5_mutex_destroy(&rc->lock);

      free (rc);

      return 0;


--- 50,55 ----