Red Hat Bugzilla – Bug 230625
4byte leak in pam_unix.so
Last modified: 2015-01-07 19:15:48 EST
Description of problem:
We have a long-running server process; we have seen that after a very long
period of running our process is using more memory than it should. It appears
that versions of Red Hat prior to 4.0 have a small memory leak in pam_unix.so
(about 4 bytes per authenticate request). I tested this on "Red Hat Enterprise
Linux ES release 3 (Taroon Update 8)" with a small example (attached).
Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux ES release 3 (Taroon Update 8)
Run the attached program using Valgrind; it will report that 400 bytes have been
leaked (there are 100 requests, so that is 4 bytes per request).
Steps to Reproduce:
1. See attached program, build it and run it (see README for details)
==19684== 400 bytes in 100 blocks are definitely lost in loss record 1 of 1
==19684== at 0x401A846: malloc (vg_replace_malloc.c:149)
==19684== by 0x427A47A: ???
==19684== by 0x4035E05: (within /lib/libpam.so.0.75)
==19684== by 0x4035F80: _pam_dispatch (in /lib/libpam.so.0.75)
==19684== by 0x4037A77: pam_authenticate (in /lib/libpam.so.0.75)
==19684== by 0x401FA32: ???
==19684== by 0x804873C: main (caller.c:49)
If you switch the PAM config file to use pam_pwdb.so no leaks occur (however, it
is significantly slower).
Created attachment 149050
A trivial example of the leak
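The per-request arithmetic in the report can be checked mechanically from a Memcheck log. The following is an added example, not the reporter's attachment or Red Hat's code: it parses the loss record quoted above and flags records that pass through pam_authenticate and scale with the request count. The function names and the "block count is a multiple of the call count" heuristic are assumptions of this sketch.

```python
import re

# Loss record copied from the Valgrind output in the report above.
REPORT = """\
==19684== 400 bytes in 100 blocks are definitely lost in loss record 1 of 1
==19684== at 0x401A846: malloc (vg_replace_malloc.c:149)
==19684== by 0x427A47A: ???
==19684== by 0x4035E05: (within /lib/libpam.so.0.75)
==19684== by 0x4035F80: _pam_dispatch (in /lib/libpam.so.0.75)
==19684== by 0x4037A77: pam_authenticate (in /lib/libpam.so.0.75)
==19684== by 0x401FA32: ???
==19684== by 0x804873C: main (caller.c:49)
"""

HEADER = re.compile(r"^==\d+==\s+([\d,]+) bytes in ([\d,]+) blocks are "
                    r"(definitely|indirectly|possibly) lost in loss record")
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.*)$")


def parse_loss_records(text):
    """Return one dict per Memcheck loss record: bytes, blocks, kind, frames."""
    records = []
    for line in text.splitlines():
        head, frame = HEADER.match(line), FRAME.match(line)
        if head:
            nbytes, blocks = (int(g.replace(",", "")) for g in head.group(1, 2))
            records.append({"bytes": nbytes, "blocks": blocks,
                            "kind": head.group(3), "frames": []})
        elif frame and records:
            records[-1]["frames"].append(frame.group(1))
    return records


def per_call_leaks(text, calls, api="pam_authenticate"):
    """Definite leaks whose stack passes through `api` and whose block count
    is a whole multiple of `calls` (heuristic: the leak grows per request)."""
    leaks = []
    for rec in parse_loss_records(text):
        via_api = any(f.split(" ")[0] == api for f in rec["frames"])
        if rec["kind"] == "definitely" and via_api and rec["blocks"] % calls == 0:
            leaks.append({"bytes_per_call": rec["bytes"] / calls,
                          "blocks_per_call": rec["blocks"] // calls})
    return leaks


if __name__ == "__main__":
    # 100 is the request count stated in the report.
    print(per_call_leaks(REPORT, calls=100))
```

Running the same check against logs taken at two different request counts separates a true per-call leak from a one-time allocation, which would keep the same byte total in both runs.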
Fixed in pam-0.75-70
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.