Bug 489540 – Memory leak in SASL client code.

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 489540 - Memory leak in SASL client code.

Summary:	Memory leak in SASL client code.

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat Enterprise MRG
Classification:	Red Hat
Component:	qpid-cpp (Show other bugs)
Sub Component:
Version:	1.1
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	1.3
Target Release:	---
Assigned To:	Ted Ross
QA Contact:	Frantisek Reznicek
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2009-03-10 12:25 EDT by Alan Conway
Modified:	2015-11-15 19:07 EST (History)
CC List:	1 user (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Opening client connections with authentication mechanisms involving passwords caused a very small amount of memory to be leaked for each connection setup. With this update, management of the memory used in the authentication mechanism is handled properly and memory leaks no longer occur.
Story Points:	---
Clone Of:
Environment:
Last Closed:	2010-10-14 12:15:17 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2010:0773	normal	SHIPPED_LIVE	Moderate: Red Hat Enterprise MRG Messaging and Grid Version 1.3	2010-10-14 11:56:44 EDT

Groups: None (edit)

Description Alan Conway 2009-03-10 12:25:53 EDT

Description of problem:

An ACL test added to cluster_test exposed a memory leak in the SASL client library.

Steps to Reproduce:

Remove the #if 0 around QPID_AUTO_TEST_CASE(testAcl) {} in qpid/src/tests/cluster_test.cpp and run make check TESTS=cluster_test
  
Actual results:

Memory leak. Looks like we need thread local storage 

Expected results:


Additional info:

This comment from sasl.h seems relevant. We may need thread-local storage, note that qpid/sys/Thread.h defines a macro QPID_TSS which expands to the appropriate thread-local modifier for gcc or windows.

/* get a sasl_secret_t (plaintext password with length)
 * inputs:
 *  conn          -- connection context
 *  context       -- context from callback structure
 *  id            -- callback id
 * outputs:
 *  psecret       -- set to NULL to cancel
 *                   set to password structure which must persist until
 *                   next call to getsecret in same connection, but middleware
 *                   will erase password data when it's done with it.
 * returns SASL_OK
 */
typedef int sasl_getsecret_t(sasl_conn_t *conn, void *context, int id,
			     sasl_secret_t **psecret);


The existing SASL test should be converted into a unit test. It can follow the pattern in cluster_test, using BrokerFixture instead of ClusterFixture.  This will give valgrind coverage of both client and broker code.

Comment 2 Ted Ross 2009-11-03 10:58:17 EST

Fixed upstream (by aconway) in revision 832134.

Comment 4 Ted Ross 2010-10-08 17:39:47 EDT

    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
cause: opening client connections with authentication mechanisms involving passwords.
consequence: a very small amount of memory is leaked for each connection setup.
fix: code was added to manage the memory used in the authentication mechanism
result: memory is freed properly

Comment 5 Martin Prpič 2010-10-10 03:42:23 EDT

    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,4 +1 @@
-cause: opening client connections with authentication mechanisms involving passwords.
+Opening client connections with authentication mechanisms involving passwords caused a very small amount of memory to be leaked for each connection setup. With this update, management of the memory used in the authentication mechanism is handled properly and memory leaks no longer occur.-consequence: a very small amount of memory is leaked for each connection setup.
-fix: code was added to manage the memory used in the authentication mechanism
-result: memory is freed properly

Comment 7 errata-xmlrpc 2010-10-14 12:15:17 EDT

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2010-0773.html

Note You need to log in before you can comment on or make changes to this bug.