This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 458668 - Memory leaks in ids_sasl_user_search
Memory leaks in ids_sasl_user_search
Status: CLOSED ERRATA
Product: 389
Classification: Community
Component: Security - SASL (Show other bugs)
1.1.1
All Linux
medium Severity medium
: ---
: ---
Assigned To: Rich Megginson
Chandrasekar Kannan
: Security
Depends On:
Blocks: 249650 FDS112 453229 CVE-2008-3283
  Show dependency treegraph
 
Reported: 2008-08-11 10:11 EDT by Rich Megginson
Modified: 2015-01-04 18:33 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-08-27 16:39:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
diffs (927 bytes, patch)
2008-08-11 10:20 EDT, Rich Megginson
no flags Details | Diff
cvs commit log - DS8.0 (181 bytes, text/plain)
2008-08-12 18:29 EDT, Rich Megginson
no flags Details
cvs commit log - HEAD (175 bytes, text/plain)
2008-08-27 17:09 EDT, Rich Megginson
no flags Details

  None (edit)
Description Rich Megginson 2008-08-11 10:11:57 EDT
This leak occurs when we use the new regex based identity mapping to lookup the user bind dn based on the given user and user realm.  There is a pblock allocated but not freed.
Comment 1 Rich Megginson 2008-08-11 10:20:17 EDT
Created attachment 313967 [details]
diffs
Comment 2 Rich Megginson 2008-08-11 12:44:58 EDT
This leak can be triggered by an anonymous user doing a sasl bind.  This bug can be mitigated by disabling the sasl mapping, which means sasl binds won't work.
Comment 3 Rich Megginson 2008-08-12 18:29:09 EDT
Created attachment 314148 [details]
cvs commit log - DS8.0

Reviewed by: nkinder (Thanks!)
Fix Description: This leak occurs when we use the new regex based identity mapping to lookup the
user bind dn based on the given user and user realm.  There is a pblock allocated but not freed.
Platforms tested: RHEL5, Fedora 8
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Comment 5 Jenny Galipeau 2008-08-19 16:29:28 EDT
How can QE verify this?  What to look for in the valgrind output?
Comment 6 Rich Megginson 2008-08-19 16:37:40 EDT
(In reply to comment #5)
> How can QE verify this?  What to look for in the valgrind output?

Look for a memory leak in ids_sasl_user_search()
Comment 7 Jenny Galipeau 2008-08-21 13:47:50 EDT
verified 8.0 RHEL4-32, RHEL4-64, RHEL5-32, RHEL5-64
Comment 10 errata-xmlrpc 2008-08-27 16:39:16 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2008-0602.html
Comment 11 Rich Megginson 2008-08-27 17:09:27 EDT
Created attachment 315148 [details]
cvs commit log - HEAD

Note You need to log in before you can comment on or make changes to this bug.