Bug 204055 - Possibly memory leak in pam modules.
Possibly memory leak in pam modules.
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: pam (Show other bugs)
3.8
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Jay Turner
NdRvw
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-25 06:36 EDT by Jose Plans
Modified: 2015-01-07 19:14 EST (History)
3 users (show)

See Also:
Fixed In Version: RHSA-2007-0465
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-11 13:51:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
test case used for this problem. (1.64 KB, text/x-csrc)
2006-08-25 06:36 EDT, Jose Plans
no flags Details
memory leak report. (2.84 KB, application/octet-stream)
2006-08-25 06:44 EDT, Jose Plans
no flags Details

  None (edit)
Description Jose Plans 2006-08-25 06:36:48 EDT
Description of problem:

  When using an in-house application, this customer noticed a possibly leakage
on the usage of the pam libraries. 
  At the very begining they suspected it would come from pam_krb5, but after
further tests, the issue could be reproduced with a simple test case.

  Basically this test case (attached) performs N iterations on the
authentication mechanism, if authenticate once, we don't see any leak otherwise
memory gets lost as per Valgrind outputs.
  
  To reduce this issue to its minimum setup, we just reproduced it by just using :
      passwd: files
      group: files
      shadow: files
      
* The case is :
     pam_start()
     for each iteration:
       pam_set_item PAM_USER
       pam_authenticate
       pam_acct_mgmt
     pam_end
* It has been based from the example present in /usr/share/docs.       
  
  The traces show:

8 bytes in 2 blocks are definitely lost in loss record 1 of 3
    at 0x401A5D1: malloc (vg_replace_malloc.c:149)
    by 0x42C246A: ???
    by 0x4027E05: _pam_dispatch_aux (pam_dispatch.c:78)
    by 0x4027F80: _pam_dispatch (pam_dispatch.c:340)
    by 0x42719BD: ???
    by 0x4270D1D: ???
    by 0x4027E05: _pam_dispatch_aux (pam_dispatch.c:78)
    by 0x4027F80: _pam_dispatch (pam_dispatch.c:340)
    by 0x4029A77: pam_authenticate (pam_auth.c:33)
    by 0x8048722: main (test.c:48)
    

32 bytes in 8 blocks are definitely lost in loss record 2 of 3
    at 0x401B8A9: calloc (vg_replace_malloc.c:279)
    by 0x402A412: _copy_env (pam_env.c:327)
    by 0x4271789: ???
    by 0x4270D1D: ???
    by 0x4027E05: _pam_dispatch_aux (pam_dispatch.c:78)
    by 0x4027F80: _pam_dispatch (pam_dispatch.c:340)
    by 0x4029A77: pam_authenticate (pam_auth.c:33)
    by 0x8048722: main (test.c:48)
    
48 bytes in 4 blocks are definitely lost in loss record 3 of 3
    at 0x401A5D1: malloc (vg_replace_malloc.c:149)
    by 0x40294EF: _pam_strdup (pam_misc.c:98)
    by 0x4271568: ???
    by 0x4270D1D: ???
    by 0x4027E05: _pam_dispatch_aux (pam_dispatch.c:78)
    by 0x4027F80: _pam_dispatch (pam_dispatch.c:340)
    by 0x4029A77: pam_authenticate (pam_auth.c:33)
    by 0x8048722: main (test.c:48)
    
 LEAK SUMMARY:
    definitely lost: 88 bytes in 14 blocks.
    
  I spent quite a lot of time trying to figure out why I couldn't find the
symbols from this trace, so finally I decided to usleep the test case and get
its mappings. This led me to the following posts (in the bz)
 
Version-Release number of selected component (if applicable):

       pam-0.75-69

How reproducible:

   Always, run the test case with iterations >1, at least 2 as a parameter.

Steps to Reproduce:
1. Add a local user
2. Run the following.
   % valgrind --tool=memcheck --leak-check=yes --log-file=mem.log ./test_case
jmp nothing login 2
   Being 
       jmp a local user,
       nothing a string that won't be used, (from the share/doc example it was
the password)
       login the action,
       2 the iterations.
3. mem.log.PID shows the leakage.
  
Actual results:

Memory leaks.

Expected results:

No memory leaks if the above case makes sense.

Additional info:

I will add the additional infos in other posts as this one is quite long already.
Thanks for the assistance,

   Jose
Comment 1 Jose Plans 2006-08-25 06:36:52 EDT
Created attachment 134904 [details]
test case used for this problem.
Comment 4 Jose Plans 2006-08-25 06:44:37 EDT
Created attachment 134907 [details]
memory leak report.
Comment 21 Tomas Mraz 2007-03-22 12:22:05 EDT
Fixed in pam-0.75-70
Comment 25 Red Hat Bugzilla 2007-06-11 13:51:24 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2007-0465.html

Note You need to log in before you can comment on or make changes to this bug.