Subject: Memory leak/improper data storage in serializer of krb5_context
From: Ezra Peisach
To: krb5-bugs@MIT.EDU
Date: 16 May 2003 13:59:47 -0400
Message-Id: <1053107987.2214.9.camel@gambit.bumc.bu.edu>

Now that the os_context is directly part of the krb5_context structure (as opposed to a pointer to the os_context), there appears to be a memory leak in the serializer library...

lib/krb5/ser_ctx.c: krb5_context_internalize allocates memory for the krb5_context structure. About line 175, krb5_internalize_opaque is called with a pointer to the os_context structure in the krb5_context. This then gets to krb5_oscontext_internalize, which allocates the memory for the krb5_os_context. This pointer is then stored in the pointer passed in from krb5_context_internalize....

Hmm - on second thought - this is simply wrong... It is overwriting the structure with a pointer - so the code is even more broken....

Anyways - krb5_context_internalize should pass a pointer to a krb5_os_context *, and then copy the data back into the krb5_context...

Ezra
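The defect described above and the fix the message proposes, modelled on simplified stand-in structures as an added example (not krb5's own code: the type and function names are hypothetical and the serialized layout is constructed). The buggy path hands the callee the address of the embedded struct, so the callee's `*argp = os` clobbers that struct with a heap pointer and the allocation is never freed; the fixed path internalizes into a temporary pointer and copies the data back.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-ins for krb5_os_context and krb5_context (os context embedded). */
typedef struct { int time_offset; int usec_offset; } os_context;
typedef struct { os_context os_ctx; int clockskew; } context;
/* Models krb5_oscontext_internalize: allocates a fresh os_context, fills it from
 * the buffer (two native-order ints) and stores the new pointer through *argp. */
static int oscontext_internalize(void **argp, const unsigned char *buf)
{
    os_context *os = malloc(sizeof *os);
    if (os == NULL) return -1;
    memcpy(os, buf, sizeof *os);
    *argp = os;
    return 0;
}

/* The reported bug: &ctx->os_ctx is the embedded struct, so a pointer is written over it and leaked. */
context *context_internalize_buggy(const unsigned char *buf)
{
    context *ctx = calloc(1, sizeof *ctx);
    if (ctx == NULL || oscontext_internalize((void **)&ctx->os_ctx, buf) != 0) {
        free(ctx);
        return NULL;
    }
    return ctx;
}

/* The proposed fix: internalize into a temporary krb5_os_context *, copy back, free it. */
context *context_internalize_fixed(const unsigned char *buf)
{
    context *ctx = calloc(1, sizeof *ctx);
    os_context *tmp = NULL;
    if (ctx == NULL || oscontext_internalize((void **)&tmp, buf) != 0) {
        free(ctx);
        return NULL;
    }
    ctx->os_ctx = *tmp;   /* copy the data back into the embedded struct */
    free(tmp);            /* release the temporary: nothing leaks */
    return ctx;
}

/* Recovers the allocation the buggy path leaked (its pointer now sits in os_ctx) and frees it. */
int buggy_leaked_time_offset(context *ctx)
{
    os_context *leaked;
    memcpy(&leaked, &ctx->os_ctx, sizeof leaked);
    int v = leaked->time_offset;
    free(leaked);
    return v;
}
```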