Bug 119940 - Pam loses resources
Summary: Pam loses resources
Alias: None
Product: Fedora
Classification: Fedora
Component: pam   
(Show other bugs)
Version: rawhide
Hardware: All Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2004-04-03 19:54 UTC by Steve Grubb
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-07-27 20:54:28 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch that closes all pam resource leaks that I can find (19.40 KB, patch)
2004-04-03 19:57 UTC, Steve Grubb
no flags Details | Diff
Revised patch (60.21 KB, patch)
2004-05-03 15:04 UTC, Steve Grubb
no flags Details | Diff
Revised patch (61.50 KB, patch)
2004-05-07 16:57 UTC, Steve Grubb
no flags Details | Diff
Updated patch (57.97 KB, patch)
2004-05-24 18:04 UTC, Steve Grubb
no flags Details | Diff

Description Steve Grubb 2004-04-03 19:54:43 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.4.2)

Description of problem:
The pam modules leak memory and file descriptors. Mostly during error
conditions, but in at least 1 module, pam_succeed_if, memory is lost
on every write to syslog. The sha1 portion of pam_timestamp was also
incorrectly erasing memory.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
This problem was found by code review after noticing all kinds of
memory leaks with valgrind while playing with sshd.

Additional info:

I have a patch that I will create as an attachment. Please look at it
and consider applying all or some of it before fedora core 2 final is
released. I feel there are some security implications with this
package in its current state. Either by consuming too much memory and
killing the daemon or leaving file decriptors to potentially sensitive
information open.

Comment 1 Steve Grubb 2004-04-03 19:57:21 UTC
Created attachment 99091 [details]
Patch that closes all pam resource leaks that I can find

Please consider applying this patch !!!

Comment 2 Steve Grubb 2004-05-03 15:04:39 UTC
Created attachment 99911 [details]
Revised patch

The new patch corrects more problems than the original.

Comment 3 Steve Grubb 2004-05-07 16:57:18 UTC
Created attachment 100084 [details]
Revised patch

The patch was updated based on feedback from Dmitry Levin.

Comment 4 Steve Grubb 2004-05-24 18:04:23 UTC
Created attachment 100514 [details]
Updated patch

The patch is now sync'ed against pam-0.77-40.

Comment 5 Alan Cox 2004-07-27 20:54:28 UTC

Note You need to log in before you can comment on or make changes to this bug.