Memory Leak problems with krb5_get_init_creds_password?

brian.joh@comcast.net brian.joh at comcast.net
Tue Aug 23 16:17:24 EDT 2005


Frank Cusack wrote:
> On Tue, 23 Aug 2005 14:36:02 +0000 brian.joh at comcast.net wrote:
> > Yeah, I wasn't sure what the standard practice is, and whether
> > it was necessary to keep calling res_ninit() multiple times per
> > context.  I suggested that route because it is more conservative.
> > It keeps all the functionality the same, while reducing the leak.
> >
> > Res_ninit() is supposed to read the DNS config files, and it
> > was my *impression* that most applications want to always
> > have the latest DNS config.   For example, if you change
> > your name servers in /etc/resolv.conf, my *impression* was
> > most running applications will "see" the new name servers
> > with a restart.   MIT and Heimdal currently do this.
>
> That's not typical.  Most applications call res_ninit() only once.
>
> -frank

Ok.  It's not tough to call res_ninit() before just the
*first* DNS SRV lookup.  It's a tiny bit more work, but not
difficult.  Could do it by declaring a res_state pointer in
the krb5_context, and just checking the pointer.
Alternatively, might be able to store the actual structure
(not the pointer) inside the krb5_context and check the
res_state.options for the RES_INIT flag.

I could implement this, but not til next week.  Got alot on
my plate at work.  

-Brian



More information about the Kerberos mailing list