Memory leak in gss_init_sec_context when using spnego mechanism
Markus Moeller
huaraz at moeller.plus.com
Mon Aug 6 16:50:47 EDT 2007
Did anybody have a chance to confirm my finding?
Thank you
Markus
"Markus Moeller" <huaraz at moeller.plus.com> wrote in message
news:f7lpqd$tmm$1 at sea.gmane.org...
>I attach my test program source with the valgrind results. As it might not
>get through, here is the main part of my test source:
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
> #include <unistd.h>                 /* getopt() */
> #include <gssapi/gssapi.h>
> #include <gssapi/gssapi_generic.h>  /* gss_nt_service_name */
>
> /* LogTime(), PROGRAM and check_gss_err() are not part of this excerpt. */
>
> /* SPNEGO mechanism OID 1.3.6.1.5.5.2 */
> static gss_OID_desc _gss_mech_spnego = {6, (void *)"\x2b\x06\x01\x05\x05\x02"};
> gss_OID gss_mech_spnego = &_gss_mech_spnego;
>
> const char *create_token(int spnego, const char *server) {
>     OM_uint32 major_status, minor_status;
>     gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT;
>     gss_name_t server_name = GSS_C_NO_NAME;
>     gss_buffer_desc service = GSS_C_EMPTY_BUFFER;
>     gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
>     gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
>     const char *token = NULL;
>
>     setbuf(stdout,NULL);
>     setbuf(stdin,NULL);
>
>     if (!server) {
>         fprintf(stderr, "%s| %s: Error: No server name\n", LogTime(), PROGRAM);
>         return NULL;
>     }
>
>     /* Build the host-based service name "HTTP@<server>" */
>     service.value = malloc(strlen("HTTP")+strlen(server)+2);
>     if (!service.value)   /* out of memory */
>         return NULL;
>     snprintf(service.value,strlen("HTTP")+strlen(server)+2,"%s@%s","HTTP",server);
>     service.length = strlen((char *)service.value);
>
>     major_status = gss_import_name(&minor_status, &service,
>                                    gss_nt_service_name, &server_name);
>
>     if (check_gss_err(major_status,minor_status,"gss_import_name()") )
>         goto cleanup;
>     if (spnego) {
>         /* Request the SPNEGO mechanism explicitly */
>         major_status = gss_init_sec_context(&minor_status,
>                                             GSS_C_NO_CREDENTIAL,
>                                             &gss_context,
>                                             server_name,
>                                             gss_mech_spnego,
>                                             0,
>                                             0,
>                                             GSS_C_NO_CHANNEL_BINDINGS,
>                                             &input_token,
>                                             NULL,
>                                             &output_token,
>                                             NULL,
>                                             NULL);
>     } else {
>         /* Use the default mechanism */
>         major_status = gss_init_sec_context(&minor_status,
>                                             GSS_C_NO_CREDENTIAL,
>                                             &gss_context,
>                                             server_name,
>                                             GSS_C_NO_OID,
>                                             0,
>                                             0,
>                                             GSS_C_NO_CHANNEL_BINDINGS,
>                                             &input_token,
>                                             NULL,
>                                             &output_token,
>                                             NULL,
>                                             NULL);
>     }
>     if (check_gss_err(major_status,minor_status,"gss_init_sec_context()") )
>         goto cleanup;
>
>     if (output_token.length) {
>         token = "OK";
>     }
>
> cleanup:
>     /* Release everything acquired above, on success and on failure */
>     gss_delete_sec_context(&minor_status, &gss_context, NULL);
>     gss_release_buffer(&minor_status, &service);
>     gss_release_buffer(&minor_status, &input_token);
>     gss_release_buffer(&minor_status, &output_token);
>     gss_release_name(&minor_status, &server_name);
>
>     return token;
> }
>
> int main(int argc, char *argv[]) {
>     const char *Token;
>     int opt,i=10;
>     int spnego=0;
>
>     while (-1 != (opt = getopt(argc, argv, "s"))) {
>         switch (opt) {
>         case 's':
>             spnego = 1;
>             break;
>         default:
>             fprintf(stderr, "%s| %s: unknown option: -%c.\n", LogTime(), PROGRAM,
>                     opt);
>         }
>     }
>
>     fprintf(stdout,"Spnego : %d\n",spnego);
>     /* Repeat the context setup ten times */
>     while (i--) {
>         Token = (const char *)create_token(spnego,"w2k3.windows2003.home");
>         /* create_token() returns NULL on failure; do not pass NULL to %s */
>         fprintf(stdout,"Token: %s\n",Token ? Token : "(null)");
>     }
>     return(0);
> }
>
>
>
> "Sam Hartman" <hartmans at mit.edu> wrote in message
> news:tslhco1re4f.fsf at mit.edu...
>> Hi. Thanks for your question; as best I know, we have not found this
>> yet.
>>
>>
>> Is this in a case where gss_init_sec_ctx is successful or in a case
>> where it fails?
>>
>> Presumably in both cases you are deleting the context?
>> _______________________________________________
>> krbdev mailing list krbdev at mit.edu
>> https://mailman.mit.edu/mailman/listinfo/krbdev