Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.427 (Entity 5.427) Subject: memleak in gssint_get_mechanism() X-RT-Original-Encoding: iso-8859-1 Content-Length: 1034 In gssint_get_mechanism() there is: if (krb5int_open_plugin(aMech->uLibName, &dl, &errinfo) != 0 || errinfo.code != 0) { #if 0 (void) syslog(LOG_INFO, "libgss dlopen(%s): %s\n", aMech->uLibName, dlerror()); #endif k5_mutex_unlock(&g_mechListLock); return ((gss_mechanism)NULL); } I think k5_clear_error(&errinfo) should be called before the return here to avoid leaking memory allocated to errinfo. Here is the allocation stack that leaks: Found 4 leaked blocks with total size 334 bytes At time of each allocation, the call stack was: [1] vasprintf() at 0x7ff03ae9f130 [2] k5_vset_error() at line 56 in "errors.c" [3] k5_set_error() at line 44 in "errors.c" [4] krb5int_open_plugin() at line 187 in "plugins.c" [5] gssint_get_mechanism() at line 1257 in "g_initialize.c" [6] gss_add_cred_from() at line 383 in "g_acquire_cred.c" [7] gss_acquire_cred_from() at line 186 in "g_acquire_cred.c" [8] get_available_mechs() at line 3233 in "spnego_mech.c"