From: tlyu@mit.edu
Subject: CVS Commit
* rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid
leak. Reported by Derrick Schommer.


To generate a diff of this commit:

cvs diff -r5.450 -r5.451 krb5/src/lib/krb5/krb/ChangeLog
cvs diff -r5.43 -r5.44 krb5/src/lib/krb5/krb/rd_cred.c
Subject: decode_krb5_enc_cred_part() is leaking memory when performing krb5_rd_cred
Cc: hartmans@mit.edu
I was running valgrind to check some of my Kerberos authentication and
ran into this:

==11600== 28 bytes in 1 blocks are definitely lost in loss record 9 of 12
==11600== at 0x1B90340D: calloc (vg_replace_malloc.c:176)
==11600== by 0x125624: decode_krb5_enc_cred_part (in /usr/lib/libkrb5.so.3.2)
==11600== by 0x149E5E: (within /usr/lib/libkrb5.so.3.2)
==11600== by 0x149F61: (within /usr/lib/libkrb5.so.3.2)
==11600== by 0x14A23B: krb5_rd_cred (in /usr/lib/libkrb5.so.3.2)


It's only 28 blocks, but if I repeat the authentication over and over it
grows quickly. It seems that when I get a forwarded tgt (krb5_fwd_tgt())
and call krb5_rd_cred() it allocates some memory in the ASN.1 decoder
and I'm not sure why it's not cleaned up (or where it should be cleaned up).

All I know is that if I call krb5_rd_cred() 10 times I'll have 28 * 10
bytes of leaked memory.

Not sure what to do at this point. I'm running krb5 1.3.4.

This is an official bug log. Currently a post on comp.protocols.kerberos
Thanks; this was already filed as #2719 and fixed.
Date: Thu, 23 Sep 2004 16:48:41 -0400
From: Derrick Schommer <schommer@gmail.com>
To: rt-comment@krbdev.mit.edu, rt@krbdev.mit.edu
Subject: Re: [krbdev.mit.edu #2721] decode_krb5_enc_cred_part() is leaking memory when performing krb5_rd_cred
RT-Send-Cc:
Aw, crap. I'm trying to put these in the database, because Sam
Hartman asked me to.

Did you get my bug on setuseruserkey()? I used krb5-send-pr for that
one (not the web interface), and I have no clue if it actually was
sent.

If not, I'll add it to the database. But basically on line 142 of
mk_req_ext.c there is no check to see if the keyblock for auth_context
already exists. I did a setuseruserkey() awhile prior to the
mk_req_extended() call and it overwrote the key w/o freeing the one
that was set before it.

Derrick


On Thu, 23 Sep 2004 16:42:55 -0400 (EDT), Tom Yu via RT
<rt-comment@krbdev.mit.edu> wrote:
> Thanks; this was already filed as #2719 and fixed.
>
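The leak reported in this ticket and the "clear and free ppart" fix from the commit message, shown as an added C example that is not the krb5 source and not code posted by anyone in this thread. `enc_part`, `decode_enc_part`, `clear_and_free`, `read_cred_leaky`, `read_cred_fixed` and the `live` table are hypothetical stand-ins, and the input message is constructed.

```c
#include <stdlib.h>
#include <string.h>

enum { KEYLEN = 16, SLOTS = 32 };
/* Constructed stand-in for the decoded encrypted part; not the krb5 type. */
typedef struct { unsigned char key[KEYLEN]; } enc_part;
static enc_part *live[SLOTS];  /* decoder allocations not yet freed */
/* Hypothetical decoder: allocates *out; the caller owns it on success. */
static int decode_enc_part(const unsigned char *buf, size_t len, enc_part **out) {
    int i = 0;
    if (len < KEYLEN) return -1;
    while (i < SLOTS && live[i] != NULL) i++;
    if (i == SLOTS || (live[i] = calloc(1, sizeof(enc_part))) == NULL) return -1;
    memcpy(live[i]->key, buf, KEYLEN);
    *out = live[i];
    return 0;
}
/* Zero the key material (volatile so the stores are kept), then free it. */
static void clear_and_free(enc_part *p) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    size_t n = sizeof *p;
    if (p == NULL) return;
    for (int i = 0; i < SLOTS; i++) if (live[i] == p) live[i] = NULL;
    while (n--) *v++ = 0;
    free(p);
}
/* Leaking pattern: the key is copied out and the decoded part is dropped. */
int read_cred_leaky(const unsigned char *buf, size_t len, unsigned char *key_out) {
    enc_part *ppart = NULL;
    if (decode_enc_part(buf, len, &ppart) != 0) return -1;
    memcpy(key_out, ppart->key, KEYLEN);
    return 0;  /* ppart is never freed */
}
/* Fixed pattern: one exit that clears and frees ppart on every path. */
int read_cred_fixed(const unsigned char *buf, size_t len, unsigned char *key_out) {
    enc_part *ppart = NULL;
    int ret = decode_enc_part(buf, len, &ppart);
    if (ret == 0) memcpy(key_out, ppart->key, KEYLEN);
    clear_and_free(ppart);
    return ret;
}
/* Call reader n times on a constructed message; count and release what is left. */
int outstanding_after(int (*reader)(const unsigned char *, size_t, unsigned char *), int n) {
    static const unsigned char msg[KEYLEN] = "constructed-key";
    unsigned char key[KEYLEN];
    int i, left = 0;
    for (i = 0; i < n; i++) reader(msg, sizeof msg, key);
    for (i = 0; i < SLOTS; i++) if (live[i] != NULL) { left++; clear_and_free(live[i]); }
    return left;
}
```

Ten calls through `read_cred_leaky` leave ten decoder allocations outstanding, one per call as in the valgrind report; the same ten calls through `read_cred_fixed` leave none.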