Bug 239536 - Memory leak was found in nfs-utils
Summary: Memory leak was found in nfs-utils
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: nfs-utils
Version: 5.0
Hardware: All
OS: Linux
Target Milestone: ---
: ---
Assignee: Steve Dickson
QA Contact:
Depends On:
Blocks: 239783
TreeView+ depends on / blocked
Reported: 2007-05-09 09:34 UTC by Akira Tsukamoto
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Clone Of:
Last Closed: 2007-11-07 17:15:27 UTC

Attachments (Terms of Use)
patch to fix memory leak in nfs-utils (982 bytes, patch)
2007-05-09 09:34 UTC, Akira Tsukamoto
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2007:0651 normal SHIPPED_LIVE nfs-utils bug fix and enhancement update 2007-10-30 16:19:49 UTC

Description Akira Tsukamoto 2007-05-09 09:34:49 UTC
Nfs-utils memory leak

Description of problem:
Memory leak was found in mountd.
I have spotted the leaking point in the source code and a patch to fix is 
attached bellow.

The memory leak does not become critical in normal uses, but in our system we 
are mounting nearly 100 loopback devices and running 24 hours then the system 
required to reboot periodically to free up memory consumed by mountd.

Version-Release number of selected component (if applicable):

Additional info:

diff -urN nfs-utils-1.0.6.org/support/export/client.c nfs-utils-
--- nfs-utils-1.0.6.org/support/export/client.c	2007-01-18 15:03:54.000000000 
+++ nfs-utils-1.0.6.new/support/export/client.c	2007-01-18 15:17:53.000000000 
@@ -257,6 +257,10 @@
 			name = add_name(name, clp->m_hostname);
+	if (he != NULL)
+		free(he);
 	return name;
diff -urN nfs-utils-1.0.6.org/support/misc/mountpoint.c nfs-utils-
--- nfs-utils-1.0.6.org/support/misc/mountpoint.c	2003-05-30 
13:42:21.000000000 +0900
+++ nfs-utils-1.0.6.new/support/misc/mountpoint.c	2007-01-18 
15:06:13.000000000 +0900
@@ -24,8 +24,11 @@
 	dotdot = malloc(strlen(path)+4);
 	strcat(strcpy(dotdot, path), "/..");
 	if (lstat(path, &stb) != 0 ||
-	    lstat(dotdot, &pstb) != 0)
+	    lstat(dotdot, &pstb) != 0) {
+		free(dotdot);
 		return 0;
+	}
+	free(dotdot);
 	if (stb.st_dev != pstb.st_dev
 	    || stb.st_ino == pstb.st_ino)

Comment 1 Akira Tsukamoto 2007-05-09 09:34:50 UTC
Created attachment 154383 [details]
patch to fix memory leak in nfs-utils

Comment 2 RHEL Product and Program Management 2007-05-09 13:09:17 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update

Comment 4 Steve Dickson 2007-05-10 18:55:38 UTC
Fixed in nfs-utils-1.0.9-18

Comment 5 Akira Tsukamoto 2007-05-11 02:00:19 UTC
Same memory leak exist in nfs-utils packages for Red Hat Enterprize Linux 4.5.
Please apply for RHEL4 too.

Comment 6 Steve Dickson 2007-05-11 11:09:09 UTC
Thanks for the info... I just cloned this bug into a 
RHEL4.5 one... See:

Comment 11 Steve Dickson 2007-09-06 14:11:32 UTC
I as well had no luck reproducing this leak. but looking at the

--- a/support/export/client.c
+++ b/support/export/client.c
@@ -262,6 +262,10 @@ client_compose(struct in_addr addr)
            name = add_name(name, clp->m_hostname);
+   if (he != NULL)
+       free(he);
    return name;

it is very apparent we were not free memory in a routine call
client_compose() which is used by rpc.mountd to 
authenticate incoming ip address. 

Comment 12 Suzanne Yeghiayan 2007-09-17 19:32:48 UTC
This request was previously evaluated by Red Hat Product Management
for inclusion in the current Red Hat Enterprise Linux release, but
Red Hat was unable to resolve it in time.  This request will be
reviewed for a future Red Hat Enterprise Linux release.

Comment 16 errata-xmlrpc 2007-11-07 17:15:27 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.