[krbdev.mit.edu #8357] memleak in gssint_get_mechanism()
Will Fiveash via RT
rt-comment at krbdev.mit.edu
Wed Feb 10 16:56:58 EST 2016
In gssint_get_mechanism() there is:
if (krb5int_open_plugin(aMech->uLibName, &dl, &errinfo) != 0 ||
errinfo.code != 0) {
#if 0
(void) syslog(LOG_INFO, "libgss dlopen(%s): %s\n",
aMech->uLibName, dlerror());
#endif
k5_mutex_unlock(&g_mechListLock);
return ((gss_mechanism)NULL);
}
I think k5_clear_error(&errinfo) should be called before the return here
to avoid leaking memory allocated to errinfo. Here is the allocation
stack that leaks:
Found 4 leaked blocks with total size 334 bytes
At time of each allocation, the call stack was:
[1] vasprintf() at 0x7ff03ae9f130
[2] k5_vset_error() at line 56 in "errors.c"
[3] k5_set_error() at line 44 in "errors.c"
[4] krb5int_open_plugin() at line 187 in "plugins.c"
[5] gssint_get_mechanism() at line 1257 in "g_initialize.c"
[6] gss_add_cred_from() at line 383 in "g_acquire_cred.c"
[7] gss_acquire_cred_from() at line 186 in "g_acquire_cred.c"
[8] get_available_mechs() at line 3233 in "spnego_mech.c"
More information about the krb5-bugs
mailing list