[krbdev.mit.edu #1653] RE: [<Kent_Wu@trendmicro.com>] RE: memory leak in some Kerberos APIs?

Kent_Wu@trendmicro.com via RT rt-comment at krbdev.mit.edu
Mon Jul 7 19:29:07 EDT 2003


Hi, Tom,

	I found my program wasn't complete in authentication so that I enhanced it to be complete in terms of kerberos authentication, after that I used SUN LDAP API to do some search. By doing this I also found some new leaks, not sure if you have addressed these in the new Beta or not, pls let me know so that I can give the new Beta a try. I'm still using Beta 3 now.

Thx.

Kent

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

OLD LEAKS: For the first one you mentioned that might be a system bug, is this for sure now? I assume  2rd has been taken care of, not sure if you've really addressed 3rd or not since last time you said it's difficult to take on.

    32       2      -       get_addr<-getaddrinfo
    24       1    0x30c58   make_gss_checksum<-make_ap_req_v1<-
krb5_gss_init_sec_context<-gss_init_sec_context<-main
     8       1    0x2f708   get_profile_etype_list<-krb5_get_tgs_ktypes<-
krb5_gss_init_sec_context<-gss_init_sec_context<-main

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

NEW LEAKS: Pls let me know if you have addressed this in the new Beta. The last one might be from LDAP SDK.

    16       1    0x2c698   krb5_generate_subkey<-krb5_mk_req_extended<-
make_ap_req_v1<-krb5_gss_init_sec_context<-gss_init_sec_context<-main
    16       1    0x2c710   krb5_copy_keyblock<-krb5_mk_req_extended<-
make_ap_req_v1<-krb5_gss_init_sec_context<-gss_init_sec_context<-main
     8       1    0x2f788   krb5_copy_keyblock<-krb5_mk_req_extended<-
make_ap_req_v1<-krb5_gss_init_sec_context<-gss_init_sec_context<-main
     8       1    0x2f7e8   krb5_c_make_random_key<-krb5_generate_subkey<-
krb5_mk_req_extended<-make_ap_req_v1<-krb5_gss_init_sec_context<-
gss_init_sec_context<-main
     2       2      -       ber_get_stringa<-ber_scanf

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Thx alot.

-----Original Message-----
From: Tom Yu [mailto:tlyu at mit.edu]
Sent: Thursday, June 12, 2003 9:42 PM
To: rt-krb5 at krbdev.mit.edu
Cc: Kent Wu (RD-US)
Subject: [<Kent_Wu at trendmicro.com>] RE: memory leak in some Kerberos
APIs?


Forwarding this to the bug database...

Have confirmed and located the leak in make_ap_req_v1.  Haven't seen
the getaddrinfo leak yet, though it could be due to failure to call
release_name.  The get_profile_etype_list leak looks somewhat
difficult to deal with, though, and it's been around a while so I'm
not inclined to give it high priority.

---Tom

-------------------- Start of forwarded message --------------------
From: <Kent_Wu at trendmicro.com>
To: <tlyu at mit.edu>
cc: krbdev at mit.edu
Subject: RE: memory leak in some Kerberos APIs?
Lines: 80

Tom:

	I just gave it a shot and Bingo, you guys did fix the memory leak in those preauth code. However it introduced some other new leaks in GSS-API side as well. The last one from get_profile_etype_list() is actually the same as last time, it didn't get fixed. The first two are new leaks. Here is the detailed report:

Actual leaks report    (actual leaks:         3  total size:      48 bytes)
 Total  Num of  Leaked      Allocation call stack
 Size   Blocks  Block
                Address
======  ====== ==========  =======================================
    24       1    0x2e878   make_gss_checksum<-make_ap_req_v1<-
krb5_gss_init_sec_context<-gss_init_sec_context<-main
    16       1    0x2c5e0   get_addr<-getaddrinfo<-krb5_sname_to_principal<-
krb5_gss_import_name<-gss_import_name<-main
     8       1    0x2d170   get_profile_etype_list<-krb5_get_tgs_ktypes<-
krb5_gss_init_sec_context<-gss_init_sec_context<-main

Let me know if you guys fix it and put on a new Beta candidate.

Thx.

Kent

-----Original Message-----
From: Kent Wu (RD-US) 
Sent: Thursday, June 12, 2003 4:42 PM
To: tlyu at mit.edu
Cc: krbdev at mit.edu
Subject: RE: memory leak in some Kerberos APIs?


Hi, Tom:

	I'll give it a try and let us know when it got released.

Thx.

Kent

-----Original Message-----
From: Tom Yu [mailto:tlyu at mit.edu]
Sent: Thursday, June 12, 2003 3:51 PM
To: Kent Wu (RD-US)
Cc: krbdev at mit.edu
Subject: Re: memory leak in some Kerberos APIs?


>>>>> "Kent_Wu" ==   <Kent_Wu at trendmicro.com> writes:

Kent_Wu>  Actual leaks report    (actual leaks:         4  total size:      57 bytes)
Kent_Wu>  Total  Num of  Leaked      Allocation call stack
Kent_Wu>  Size   Blocks  Block
Kent_Wu>                 Address
Kent_Wu> ======  ====== ==========  =======================================
Kent_Wu>     25       1    0x2bbd8   asn1buf_remove_octetstring<-
Kent_Wu> asn1_decode_octetstring<-asn1_decode_etype_info_entry<-asn1_decode_etype_info
Kent_Wu> <-decode_krb5_etype_info<-krb5_do_preauth<-krb5_get_init_creds<-
Kent_Wu> krb5_get_init_creds_password

Kent_Wu>     16       1    0x2ab88   calloc<-asn1_decode_etype_info<-
Kent_Wu> decode_krb5_etype_info<-krb5_do_preauth<-krb5_get_init_creds<-
Kent_Wu> krb5_get_init_creds_password<-main

Kent_Wu>      8       1    0x2b2b8   get_profile_etype_list<-krb5_get_tgs_ktypes<-
Kent_Wu> krb5_gss_init_sec_context<-gss_init_sec_context<-main

Kent_Wu>      8       1    0x36248   asn1_decode_etype_info<-decode_krb5_etype_info<-
Kent_Wu> krb5_do_preauth<-krb5_get_init_creds<-krb5_get_init_creds_password<-main

Have you tried compiling with one of the beta releases of krb5-1.3?  I
seem to recall that we have fixed some preauth-related memorly leaks.

---Tom

_______________________________________________
krbdev mailing list             krbdev at mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev

_______________________________________________
krbdev mailing list             krbdev at mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev

-------------------- End of forwarded message --------------------


More information about the krb5-bugs mailing list