458668 – Memory leaks in ids_sasl_user_search

Bug 458668 - Memory leaks in ids_sasl_user_search

Summary: Memory leaks in ids_sasl_user_search

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	389
Classification:	Retired
Component:	Security - SASL
Sub Component:
Version:	1.1.1
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Rich Megginson
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	249650 FDS112 453229 CVE-2008-3283
TreeView+	depends on / blocked

Reported:	2008-08-11 14:11 UTC by Rich Megginson
Modified:	2015-01-04 23:33 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-08-27 20:39:16 UTC
Embargoed:

Attachments	(Terms of Use)
diffs (927 bytes, patch) 2008-08-11 14:20 UTC, Rich Megginson	no flags	Details \| Diff
cvs commit log - DS8.0 (181 bytes, text/plain) 2008-08-12 22:29 UTC, Rich Megginson	no flags	Details
cvs commit log - HEAD (175 bytes, text/plain) 2008-08-27 21:09 UTC, Rich Megginson	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2008:0602	0	normal	SHIPPED_LIVE	Moderate: redhat-ds-base and redhat-ds-admin security and bug fix update	2008-08-27 20:38:30 UTC

Description Rich Megginson 2008-08-11 14:11:57 UTC

This leak occurs when we use the new regex based identity mapping to lookup the user bind dn based on the given user and user realm.  There is a pblock allocated but not freed.

Comment 1 Rich Megginson 2008-08-11 14:20:17 UTC

Created attachment 313967 [details]
diffs

Comment 2 Rich Megginson 2008-08-11 16:44:58 UTC

This leak can be triggered by an anonymous user doing a sasl bind.  This bug can be mitigated by disabling the sasl mapping, which means sasl binds won't work.

Comment 3 Rich Megginson 2008-08-12 22:29:09 UTC

Created attachment 314148 [details]
cvs commit log - DS8.0

Reviewed by: nkinder (Thanks!)
Fix Description: This leak occurs when we use the new regex based identity mapping to lookup the
user bind dn based on the given user and user realm.  There is a pblock allocated but not freed.
Platforms tested: RHEL5, Fedora 8
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none

Comment 5 Jenny Severance 2008-08-19 20:29:28 UTC

How can QE verify this?  What to look for in the valgrind output?

Comment 6 Rich Megginson 2008-08-19 20:37:40 UTC

(In reply to comment #5)
> How can QE verify this?  What to look for in the valgrind output?

Look for a memory leak in ids_sasl_user_search()

Comment 7 Jenny Severance 2008-08-21 17:47:50 UTC

verified 8.0 RHEL4-32, RHEL4-64, RHEL5-32, RHEL5-64

Comment 10 errata-xmlrpc 2008-08-27 20:39:16 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2008-0602.html

Comment 11 Rich Megginson 2008-08-27 21:09:27 UTC

Created attachment 315148 [details]
cvs commit log - HEAD

Note You need to log in before you can comment on or make changes to this bug.