Red Hat Bugzilla – Bug 888728
polkitd: memory leak in process_policy_file()
Last modified: 2013-04-12 21:30:52 EDT
In src/polkitbackend/polkitbackendactionpool.c, function process_policy_file(), there is this code:
pd.parser = XML_ParserCreate_MM (NULL, NULL, NULL);
pd.parser = XML_ParserCreate (NULL);
I think this leaks the parser allocated by XML_ParserCreate_MM().
The parser runs with entity expansion enabled, but this doesn't appear to be a problem because the input file is trusted.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
Thanks for your report. Fix filed upstream at https://bugs.freedesktop.org/show_bug.cgi?id=63492 . This can only be triggered by the system administrator manipulating /usr/share/polkit-1/actions, so not a vulnerability, and we'll get the fix on next upstream release (which is probably soon).