Bug 251539 - login may have a small memory leak
login may have a small memory leak
Product: Fedora
Classification: Fedora
Component: util-linux-ng (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Karel Zak
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2007-08-09 12:53 EDT by John (J5) Palmieri
Modified: 2013-03-13 00:51 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-01-28 08:08:50 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description John (J5) Palmieri 2007-08-09 12:53:11 EDT
Description of problem:

I may be missing something here but I was looking at the login code to copy the
pam stuff out of it and I noticed if a user passes in his user name on the
command line it is strdup'ed but then the same variable 'username' is used again
by pam to get the username out of the passwd file without first freeing the

Relevant lines:

428    if (*argv) {
429	char *p = *argv;
430	username = strdup(p);

514    retcode = pam_start(hflag?"remote":"login",username, &conv, &pamh);

544    /*
545     * Grab the user information out of the password file for future usage
546     * First get the username that we are actually using, though.
547     */
548    retcode = pam_get_item(pamh, PAM_USER, (const void **) &username);
This code path assumes no password is required.  Nothing in the pam_get_item man
page suggests that pam frees the value itself.  Also nothing in pam_start
suggest pam takes ownership.  By taking a const char * it in fact suggests it
copies what is sent to it.
Comment 1 Karel Zak 2008-01-28 08:08:50 EST
Fixed in the upstream code -- it will be available in Fedora 9 or 10. Thanks.

Note You need to log in before you can comment on or make changes to this bug.