Memory leaks in Kerberos 5 1.6.4-beta1 and 1.7

Ken Raeburn raeburn at MIT.EDU
Fri Nov 6 18:41:44 EST 2009


On Nov 6, 2009, at 13:02, Dan Searle wrote:
> Hi,
>
> I tried the patch (applied to the 1.7 public release as I don't have  
> access to the 1.7.1 branch),

If you don't have access to the anonymous subversion server, there's a
nightly snapshot made available for ftp (but updated only when there
are actually changes); info is at
http://web.mit.edu/kerberos/krb5-current.html .  The "krb5-1.7-current"
snapshot is from the 1.7.x branch, last updated 9/29 when several
bugfixes were incorporated.


> however now I get a different leak:
>
> ==16212== 50 bytes in 2 blocks are definitely lost in loss record 66 of 81
> ==16212==    at 0x4022AB8: malloc (vg_replace_malloc.c:207)
> ==16212==    by 0x4195FCF: strdup (in /lib/tls/i686/cmov/libc-2.7.so)
> ==16212==    by 0x41DF9D9: (within /lib/tls/i686/cmov/libc-2.7.so)
> ==16212==    by 0x41E1AD8: getaddrinfo (in /lib/tls/i686/cmov/libc-2.7.so)
> ==16212==    by 0x4279F38: krb5int_getaddrinfo (fake-addrinfo.c:315)
> ==16212==    by 0x40BE474: krb5_sname_to_principal (sn2princ.c:112)
> ==16212==    by 0x4042318: krb5_gss_import_name (import_name.c:99)
> ==16212==    by 0x403703B: gssint_import_internal_name (g_glue.c:306)
> ==16212==    by 0x403502F: gss_add_cred (g_acquire_cred.c:383)
> ==16212==    by 0x403535B: gss_acquire_cred (g_acquire_cred.c:198)
> ==16212==    by 0x8049C31: main (squid_kerb_auth.c:489)
>
> Regards, Dan...

That's storage allocated by the C library's getaddrinfo routine.  As  
near as I can tell, the fake-addrinfo.c code doesn't mess with the  
returned structures before freeing them; we just copy the data out  
into storage we're managing.  So it might be a libc bug.  You could  
try a little test:

In tests/resolve in your build tree, "make addrinfo-test fake-addrinfo-test".
That builds two programs by the obvious names; one will test the libc
getaddrinfo routine, and the other tests our wrapper around it.  Try
running both under valgrind, giving the local host name as an argument.
If valgrind reports a leak in addrinfo-test, it's very likely to be a
libc bug; if it only reports a problem in fake-addrinfo-test, then it's
MIT's bug.

Ken


-- 
Ken Raeburn / raeburn at mit.edu / no longer at MIT Kerberos Consortium
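
A stand-alone version of the libc-only half of the test described above, as an added example that is not part of the original message or the krb5 source tree; the function name resolve_and_free, the round count and the choice of AI_CANONNAME are assumptions. It calls getaddrinfo() repeatedly with no Kerberos code in the process and frees every result, so a lost-byte total that grows with the number of rounds under valgrind points at libc rather than at the caller.

```c
/* Added example, not from the krb5 tree: exercise libc getaddrinfo() with
 * no Kerberos code in the process, for running under valgrind. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>

/* Resolve host `rounds` times and free every result list. Returns the
 * entry count of the last lookup, or -1 on a resolver error. */
int resolve_and_free(const char *host, int flags, int rounds)
{
    struct addrinfo hints, *res, *p;
    int i, rc, count = 0;

    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = flags;

    for (i = 0; i < rounds; i++) {
        res = NULL;
        rc = getaddrinfo(host, NULL, &hints, &res);
        if (rc != 0) {
            fprintf(stderr, "getaddrinfo(%s): %s\n", host, gai_strerror(rc));
            return -1;
        }
        for (count = 0, p = res; p != NULL; p = p->ai_next)
            count++;
        freeaddrinfo(res);   /* the only release libc asks of the caller */
    }
    return count;
}

int main(int argc, char **argv)
{
    const char *host = argc > 1 ? argv[1] : "localhost";
    int rounds = argc > 2 ? atoi(argv[2]) : 10;
    /* AI_CANONNAME is an assumption about what the leaking path requests. */
    int n = resolve_and_free(host, AI_CANONNAME, rounds);

    if (n < 0)
        return 1;
    printf("%s: %d entries per lookup, %d lookups\n", host, n, rounds);
    return 0;
}
```

Build it with debugging symbols and run it under valgrind with --leak-check=full, passing the local host name and a round count; comparing the report for two different round counts shows whether the lost bytes scale with the number of calls.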



