119940 – Pam loses resources

Bug 119940 - Pam loses resources

Summary: Pam loses resources

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	pam
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	high
Target Milestone:	---
Assignee:	Nalin Dahyabhai
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-04-03 19:54 UTC by Steve Grubb
Modified:	2007-11-30 22:10 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2004-07-27 20:54:28 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
Patch that closes all pam resource leaks that I can find (19.40 KB, patch) 2004-04-03 19:57 UTC, Steve Grubb	no flags	Details \| Diff
Revised patch (60.21 KB, patch) 2004-05-03 15:04 UTC, Steve Grubb	no flags	Details \| Diff
Revised patch (61.50 KB, patch) 2004-05-07 16:57 UTC, Steve Grubb	no flags	Details \| Diff
Updated patch (57.97 KB, patch) 2004-05-24 18:04 UTC, Steve Grubb	no flags	Details \| Diff
Show Obsolete (3) View All

Description Steve Grubb 2004-04-03 19:54:43 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.4.2)
Gecko/20040308

Description of problem:
The pam modules leak memory and file descriptors. Mostly during error
conditions, but in at least 1 module, pam_succeed_if, memory is lost
on every write to syslog. The sha1 portion of pam_timestamp was also
incorrectly erasing memory.

Version-Release number of selected component (if applicable):
pam-0.77-36

How reproducible:
Always

Steps to Reproduce:
This problem was found by code review after noticing all kinds of
memory leaks with valgrind while playing with sshd.

Additional info:

I have a patch that I will create as an attachment. Please look at it
and consider applying all or some of it before fedora core 2 final is
released. I feel there are some security implications with this
package in its current state. Either by consuming too much memory and
killing the daemon or leaving file decriptors to potentially sensitive
information open.

Comment 1 Steve Grubb 2004-04-03 19:57:21 UTC

Created attachment 99091 [details]
Patch that closes all pam resource leaks that I can find

Please consider applying this patch !!!

Comment 2 Steve Grubb 2004-05-03 15:04:39 UTC

Created attachment 99911 [details]
Revised patch

The new patch corrects more problems than the original.

Comment 3 Steve Grubb 2004-05-07 16:57:18 UTC

Created attachment 100084 [details]
Revised patch

The patch was updated based on feedback from Dmitry Levin.

Comment 4 Steve Grubb 2004-05-24 18:04:23 UTC

Created attachment 100514 [details]
Updated patch

The patch is now sync'ed against pam-0.77-40.

Comment 5 Alan Cox 2004-07-27 20:54:28 UTC

Done

Note You need to log in before you can comment on or make changes to this bug.