Bug 230625

Summary: 4byte leak in pam_unix.so
Product: Red Hat Enterprise Linux 3 Reporter: Jim Marshall <jim.marshall>
Component: pamAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Jay Turner <jturner>
Severity: high Docs Contact:
Priority: medium    
Version: 3.8CC: srevivo
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHSA-2007-0465 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-06-11 17:51:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
A trivial example of the leak none

Description Jim Marshall 2007-03-01 21:13:42 UTC
Description of problem:
 We have a long running server process, we have seen that after a very long
period of running our process is using more memory then it should. It appears
that Versions of Red Hat prior to 4.0 have a small memory leak in pam_unix.so
(about 4bytes per authenticate request). I tested this on "Red Hat Enterprise
Linux ES release 3 (Taroon Update 8)" with a small example (attached).

Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux ES release 3 (Taroon Update 8)


How reproducible:
Run the attached program using Valgrind, it will report that 400 bytes have been
leaked (there are 100 requests, so that is 4 bytes per request).

Steps to Reproduce:
1. See attached program, build it and run it (see README for details)

  
Actual results:
==19684== 400 bytes in 100 blocks are definitely lost in loss record 1 of 1
==19684==    at 0x401A846: malloc (vg_replace_malloc.c:149)
==19684==    by 0x427A47A: ???
==19684==    by 0x4035E05: (within /lib/libpam.so.0.75)
==19684==    by 0x4035F80: _pam_dispatch (in /lib/libpam.so.0.75)
==19684==    by 0x4037A77: pam_authenticate (in /lib/libpam.so.0.75)
==19684==    by 0x401FA32: ???
==19684==    by 0x804873C: main (caller.c:49)


Expected results:
No leaks

Additional info:
If you switch the PAM config file to use pam_pwdb.so no leaks occur (however; it
is significantly slower).

Comment 1 Jim Marshall 2007-03-01 21:13:42 UTC
Created attachment 149050 [details]
A trivial example of the leak

Comment 5 Tomas Mraz 2007-03-22 16:22:13 UTC
Fixed in pam-0.75-70

Comment 9 Red Hat Bugzilla 2007-06-11 17:51:41 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2007-0465.html