Memory leak in gss_init_sec_context when using spnego mechanism
huaraz at moeller.plus.com
Mon Aug 6 19:41:36 EDT 2007
Thank you for confirming. I send two bug reports.
"Tom Yu" <tlyu at mit.edu> wrote in message
news:ldv7io89vzp.fsf at cathode-dark-space.mit.edu...
>>>>>> "Markus" == Markus Moeller <huaraz at moeller.plus.com> writes:
> Markus> Did anybody have a chance to confirm my finding ?
> Sorry, I've been rather busy recently. I did look and discover there
> are possibly multiple issues involved. Your test program calls
> gss_delete_sec_context() on a context that is probably partially
> established. This is probably a code path that is not well-exercised.
> Thank you for bringing it to our attention.
> 1. It does appear that when the SPNEGO mechanism calls
> gss_init_sec_context(), it does not release the output token
> 2. It also appears that in spnego_gss_delete_sec_context(), if a
> partially established context is deleted, the inner mechanism's
> context (actually a mechglue-wrapped context) does not get deleted.
> I'm not sure if there are other bugs revealed by your test case. For
> now, would you please open bugs for the above two issues? Or if you
> prefer, I can open the bugs. Thanks.
> krbdev mailing list krbdev at mit.edu
More information about the krbdev