Bug 408431 - Memory leak in pattern matching function
Summary: Memory leak in pattern matching function
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: vsftpd
Version: 4.6
Hardware: All
OS: Linux
low
low
Target Milestone: rc
: ---
Assignee: Martin Nagy
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-12-03 09:28 UTC by Martin Nagy
Modified: 2016-07-26 23:46 UTC (History)
1 user (show)

Fixed In Version: RHSA-2008-0680
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-07-24 19:35:06 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2008:0680 0 normal SHIPPED_LIVE Moderate: vsftpd security and bug fix update 2008-07-24 16:38:54 UTC

Description Martin Nagy 2007-12-03 09:28:55 UTC
Description of problem:
There is a memory leak in ls.c:

      if (!must_match_at_current_pos)
      {
        struct mystr scan_fwd = INIT_MYSTR;
        
	str_mid_to_end(&name_remain_str, &scan_fwd,
			indexx + str_getlen(&s_match_needed_str));
        /* we're allowed to be greedy, test if it match further along
	 * keep advancing indexx while we can still match
	 */
	while( (locate_result = str_locate_str(&scan_fwd, &s_match_needed_str)),
	    locate_result.found )
	{
	  indexx += locate_result.index + str_getlen(&s_match_needed_str);
	  str_mid_to_end(&scan_fwd, &temp_str,
			 locate_result.index + str_getlen(&s_match_needed_str));
	  str_copy(&scan_fwd, &temp_str);
	}
      }

scan_fwd is never freed and therefore forever lost.

Version-Release number of selected component (if applicable):
vsftpd-2.0.1-5.EL4.7

Additional info:
The leak was introduced by patch in Bug #244864

Comment 1 RHEL Program Management 2007-12-03 09:38:46 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 2 RHEL Program Management 2007-12-03 09:39:47 UTC
This bugzilla has Keywords: Regression.  

Since no regressions are allowed between releases, 
it is also being proposed as a blocker for this release.  

Please resolve ASAP.

Comment 4 Martin Nagy 2008-02-08 10:50:38 UTC
Fix checked in CVS and the new packages were built successfully. This issue
should be resolved in vsftpd-2.0.1-6.el4

Comment 8 errata-xmlrpc 2008-07-24 19:35:06 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2008-0680.html


Note You need to log in before you can comment on or make changes to this bug.