
Subject: krb5 1-4 introduced memory leak in krb5_get_credentials
tests/hammer/kdc5_hammer leaks memory with the 1.4 libraries.
If I use the same source code against the 1.3 libraries - there isn't a
leak. (leak detected with valgrind)

The leak is below the krb5_get_credentials call... And the memory
allocated is a read credential... I suspect that a pointer is
being smashed somewhere...

I will try to track it down today...

Ezra
I have tracked down the problem... It is in krb5/krb/gc_frm_kdc.c...
This was changed in ticket 2541... (which has not been pulled up yet
but is flagged).

If there is already a tgt in the cache, then memory is leaked....
About line 127 - a lot of code is skipped. otgt is never assigned tgt,
free_tgt is never set and memory is leaked.

The introduction of otgt confuses matters... At one place
otgt is assigned tgt - so keeping track of what memory needs to be freed
is tricky and needs careful examination.
From: Ken Raeburn <raeburn@MIT.EDU>
Subject: Re: [krbdev.mit.edu #2885] krb5 1-4 introduced memory leak in krb5_get_credentials
Date: Sun, 16 Jan 2005 10:45:44 -0500
To: rt-comment@krbdev.mit.edu
RT-Send-Cc:
Ugh. I knew there was a leak with the new code, but didn't think it
was a new one.
Date: Sun, 16 Jan 2005 13:02:25 -0500
From: Ezra Peisach <epeisach@MIT.EDU>
To: rt-comment@krbdev.mit.edu
Subject: Re: [krbdev.mit.edu #2885] krb5 1-4 introduced memory leak in krb5_get_credentials
RT-Send-Cc:
Ken Raeburn via RT wrote:

>Ugh. I knew there was a leak with the new code, but didn't think it
>was a new one.

I think the problem is the whole tgt handling... I really think two
variables are needed... A free_tgt and free_otgt... Then one needs to
set one or the other. When otgt becomes tgt - need to free the otgt and
not the other.

There is also questionable code in the middle.... After assigning otgt
from tgt there are calls to get a new tgt in tgt... with
krb5_cc_retrieve_cred (line 235)... If it fails, the code assumes that
tgt is still valid... (which it is by happenchance, but I would not
keep it).

Also - when integrating the patch, the cleanup code has a problem...
free_tgt is set if ntgts == 0, but the test for freeing is only if
ntgts != 0... I think it should not be an else if there...

I will need to carefully trace all uses of the tgt variable - but I
think keeping track of tgt vs otgt needing freeing is the way to go...

Ezra
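
An added illustration of the two-flag ownership scheme proposed in the message above; it is not code from krb5 or from anyone in this thread. The names `cred`, `cache_retrieve` and `walk_realms` are hypothetical stand-ins, and the `live` counter exists only so a leak can be checked.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a credential; not the krb5 type. */
typedef struct { char realm[32]; } cred;
static int live;  /* outstanding allocations, used to detect leaks */

static cred *cred_new(const char *realm) {
    cred *c = calloc(1, sizeof *c);
    if (c) { strncpy(c->realm, realm, sizeof c->realm - 1); live++; }
    return c;
}
static void cred_free(cred *c) { if (c) { free(c); live--; } }

/* Hypothetical cache lookup. On failure it makes no promise about *out,
 * so the caller must not assume an earlier value survived the call. */
static int cache_retrieve(const char *realm, int fail, cred **out) {
    *out = fail ? NULL : cred_new(realm);
    return *out ? 0 : -1;
}

/* Walk up to 'hops' realms; the lookup at index 'fail_at' fails
 * (-1 = never). Returns the number of allocations still live. */
int walk_realms(int hops, int fail_at) {
    cred *tgt = NULL, *otgt = NULL, *tmp;
    int free_tgt = 0, free_otgt = 0;

    live = 0;
    tgt = cred_new("START");
    if (!tgt) return -1;
    free_tgt = 1;

    for (int i = 0; i < hops; i++) {
        /* tgt becomes otgt: the ownership flag moves with the pointer. */
        if (free_otgt) cred_free(otgt);
        otgt = tgt;  free_otgt = free_tgt;
        tgt = NULL;  free_tgt = 0;

        /* Retrieve into a temporary so a failed call cannot leave tgt
         * pointing at stale or half-written data. */
        if (cache_retrieve("NEXT", i == fail_at, &tmp) != 0) break;
        tgt = tmp;   free_tgt = 1;
    }

    /* Cleanup: two independent tests, not an if / else-if chain. */
    if (free_tgt)  cred_free(tgt);
    if (free_otgt) cred_free(otgt);
    return live;
}
```
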
From: epeisach@mit.edu
Subject: CVS Commit
* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): More memory leaks
fixed as introduced in ticket #2541. Do not rely on knowledge that
upon failure from krb5_cc_retrieve_cred, returned credential data
is untouched.

Testsuite passes all tests, but would like another set of eyes to look over code
before closing ticket.


To generate a diff of this commit:



cvs diff -r5.459 -r5.460 krb5/src/lib/krb5/krb/ChangeLog
cvs diff -r5.50 -r5.51 krb5/src/lib/krb5/krb/gc_frm_kdc.c
Subject: Re: [krbdev.mit.edu #2885] krb5 1-4 introduced memory leak in krb5_get_credentials
From: Ezra Peisach <epeisach@MIT.EDU>
To: rt-comment@krbdev.mit.edu
Cc: raeburn@MIT.EDU
Date: Mon, 17 Jan 2005 12:39:15 -0500
RT-Send-Cc:
I believe I have fixed the problems - but would like another set
of eyes to look at the changes... Ken - would you be willing?

Ezra

On Sun, 2005-01-16 at 10:46, Ken Raeburn via RT wrote:
> Ugh. I knew there was a leak with the new code, but didn't think it
> was a new one.
To: rt-comment@krbdev.mit.edu
Subject: Re: [krbdev.mit.edu #2885] krb5 1-4 introduced memory leak in krb5_get_credentials
From: Tom Yu <tlyu@MIT.EDU>
Date: Fri, 23 Sep 2005 21:29:08 -0400
RT-Send-Cc:
I've looked this over, and empirically, it fixes some error-condition
leaks found in the 1.4 branch by gsstest. I'm going to pull it up.

---Tom
From: tlyu@mit.edu
Subject: CVS Commit
pullup from trunk

Commit By: tlyu



Revision: 17397
Changed Files:
U branches/krb5-1-4/src/lib/krb5/krb/ChangeLog
U branches/krb5-1-4/src/lib/krb5/krb/gc_frm_kdc.c