Bug 1750893 - Memory leak when slapi-nis return entries retrieved from nsswitch
Summary: Memory leak when slapi-nis return entries retrieved from nsswitch
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: slapi-nis
Version: ---
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: thierry bordaz
QA Contact: ipa-qe
Depends On:
Blocks: 1825061 1820123
TreeView+ depends on / blocked
Reported: 2019-09-10 16:44 UTC by thierry bordaz
Modified: 2020-11-04 02:50 UTC (History)
7 users (show)

Fixed In Version: slapi-nis-0.56.5
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1820123 (view as bug list)
Last Closed: 2020-11-04 02:50:13 UTC
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)
Full list of slapi-nis leak when processing nsswitch entries (6.14 KB, text/plain)
2019-09-11 09:32 UTC, thierry bordaz
no flags Details

Description thierry bordaz 2019-09-10 16:44:55 UTC
Description of problem:
When schemacompat is configured (schema-compat-lookup-nsswitch) to retrieve entries (groups and users) from nsswitch, it fetches those entries and return them but do not free the structures used to carry the entries

Version-Release number of selected component (if applicable):
since 0.47.7 and later

How reproducible:

Steps to Reproduce:

Actual results:
Leaks see backtraces in following records

Expected results:
Should not leak

Additional info:

Comment 3 thierry bordaz 2019-09-11 09:26:57 UTC
pattern of the leaks (see attached valgrind output for complete list)

==22014==    by 0x1B32805A: backend_search_nsswitch (back-sch-nss.c:729)
==22014==    by 0x1B31339C: backend_search_set_cb (back-sch.c:1319)
==22014==    by 0x1B32501E: map_data_foreach_map (map.c:353)
==22014==    by 0x1B3130B5: backend_search_group_cb (back-sch.c:1473)
==22014==    by 0x1B324F5F: map_data_foreach_domain (map.c:323)
==22014==    by 0x1B31299D: backend_search_cb (back-sch.c:1852)
==22014==    by 0x50E6797: ??? (in /usr/lib64/dirsrv/libslapd.so.0.1.0)
==22014==    by 0x50E6A52: plugin_call_plugins (in /usr/lib64/dirsrv/libslapd.so.0.1.0)
==22014==    by 0x50D98A6: op_shared_search (in /usr/lib64/dirsrv/libslapd.so.0.1.0)
==22014==    by 0x13597D: ??? (in /usr/sbin/ns-slapd)
==22014==    by 0x1236A9: ??? (in /usr/sbin/ns-slapd)
==22014==    by 0x732EBAA: _pt_root (ptthread.c:201)
==22014==    by 0x796EDD4: start_thread (pthread_create.c:307)
==22014==    by 0x82FDEAC: clone (clone.S:111)

Comment 4 thierry bordaz 2019-09-11 09:32:38 UTC
Created attachment 1614009 [details]
Full list of slapi-nis leak when processing nsswitch entries

This is the output of valgrind that are related to this BZ

Comment 5 thierry bordaz 2019-09-11 14:28:14 UTC
PR https://pagure.io/slapi-nis/pull-request/31

Comment 9 Florence Blanc-Renaud 2020-02-14 15:42:11 UTC
Thank you taking your time and submitting this request for Red Hat Enterprise Linux 7. Unfortunately, this bug cannot be kept even as a stretch goal and was postponed to RHEL8.

Comment 10 thierry bordaz 2020-02-21 16:37:53 UTC
patch being push upstream (0.56.4) => POST

Comment 17 Sumedh Sidhaye 2020-07-15 12:57:02 UTC

Followed procedure mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=1820123#c14

Builds used:

[root@ci-vm-10-0-139-58 ~]# rpm -q ipa-server slapi-nis
[root@ci-vm-10-0-139-58 ~]# rpm -q 389-ds-base
[root@ci-vm-10-0-139-58 ~]#

[root@ci-vm-10-0-139-58 ~]# grep backend_search_nsswitch /var/run/dirsrv/ns-slapd-*
/var/run/dirsrv/ns-slapd-CI-VM-10-0-139-58-HOSTED-UPSHIFT-RDU2-REDHAT-COM.asan.28975:    #1 0x7f04c55d2078 in backend_search_nsswitch back-sch-nss.c:718

Fixed version

[root@ci-vm-10-0-139-233 ~]# rpm -q ipa-server slapi-nis; cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.3 Beta (Ootpa)
[root@ci-vm-10-0-139-233 ~]# rpm -q 389-ds-base
[root@ci-vm-10-0-139-233 ~]#

[root@ci-vm-10-0-139-233 ~]# grep backend_search_nsswitch /var/run/dirsrv/ns-slapd-CI-VM-10-0-139-233-HOSTED-UPSHIFT-RDU2-REDHAT-COM.asan.* -c

Comment 20 errata-xmlrpc 2020-11-04 02:50:13 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.