Skip Menu |

Subject: Minor memory leak in GSS-API mechanism initialization
Download (untitled) / with headers
text/plain 1.6KiB
valgrind testing with WebAuth surfaced the following minor memory leak
with MIT Kerberos 1.12.1:

==13031== 8 bytes in 1 blocks are definitely lost in loss record 1 of 566
==13031== at 0x4028B4C: malloc (vg_replace_malloc.c:291)
==13031== by 0x427C05C: glob (glob.c:452)
==13031== by 0x43C4EED: updateMechList (g_initialize.c:447)
==13031== by 0x43C5B14: gssint_select_mech_type (g_initialize.c:513)
==13031== by 0x43C17B5: gss_init_sec_context (g_init_sec_context.c:139)
==13031== by 0x43A6610: ??? (in
==13031== by 0x43A4C13: remctl_open (in
==13031== by 0x403FE59: remctl_generic (userinfo.c:881)
==13031== by 0x4040BDC: webauth_user_info (userinfo.c:1051)
==13031== by 0x8049A3F: test_userinfo_calls (userinfo-t.c:99)
==13031== by 0x804ADCA: main (userinfo-t.c:449)

The relevant code in Git is:

if (glob(MECH_CONF_PATTERN, 0, NULL, &globbuf) == 0) {
for (path = globbuf.gl_pathv; *path != NULL; path++)
load_if_changed(*path, g_confFileModTime, &highest);

The problem with this code is that the memory allocation in the glob()
function is unconditional, even if glob() fails, so you always have to
call globfree(), not just on success. From POSIX:

Note that gl_pathc and gl_pathv have meaning even if glob() fails.
This allows glob() to report partial results in the event of an error.
However, if gl_pathc is 0, gl_pathv is unspecified even if glob() did
not return an error.

Some additional interesting discussion is here:
Wow, that's really unclear from the documentation. Thanks for the
report. I have filed a pull request to fix it here:

(For bookkeeping, note that this ticket and #7925 both pertain to
functionality added in #7882, which is new functionality for release
1.13. So it isn't a change relative to 1.12.x.)
Subject: git commit

Fix glob memory leak in GSS initialization

In loadConfigFiles, call globfree even if glob fails, since glob can
allocate memory and report partial results on failure. Also
initialize globbuf before calling glob; this is not strictly required,
but hedges against hypothetical libc implementation bugs which could
leave globbuf.gl_pathc or globbuf.gl_pathv uninitialized on error.
Author: Greg Hudson <>
Commit: 20f91672568b1d2e341a9bb0dba88a831f152f1c
Branch: master
src/lib/gssapi/mechglue/g_initialize.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)