Bug 911110 - krb5_get_init_creds_keytab() leaks memory
Summary: krb5_get_init_creds_keytab() leaks memory
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: krb5
Version: 17
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 911147
TreeView+ depends on / blocked
 
Reported: 2013-02-14 12:16 UTC by Petr Spacek
Modified: 2013-03-22 21:07 UTC (History)
3 users (show)

Fixed In Version: krb5-1.10.2-8.fc17
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 911147 (view as bug list)
Environment:
Last Closed: 2013-03-16 01:31:08 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
proposed patch (1.95 KB, patch)
2013-02-28 20:41 UTC, Nalin Dahyabhai 		no flags Details | Diff
View All

Description Petr Spacek 2013-02-14 12:16:30 UTC 
Description of problem:
Function lookup_etypes_for_keytab() in krb5-libs leaks memory while working with keytab.


Version-Release number of selected component (if applicable):
krb5-libs-1.10.2-6.fc17.x86_64


How reproducible:
100 %


Steps to Reproduce:
1. Create program with krb5_get_init_creds_keytab()
2. Call the program on keytab file with big amount of amount of keys
3. Use valgrind to check your program


Actual results:
Output from Valgrind.
==8048==    at 0x4A0881C: malloc (vg_replace_malloc.c:270)
==8048==    by 0x58A9F5B: krb5_ktfileint_internal_read_entry.isra.5 (kt_file.c:1253)
==8048==    by 0x58AA7BE: krb5_ktfile_get_next (kt_file.c:1414)
==8048==    by 0x58BCF4C: krb5_init_creds_set_keytab (gic_keytab.c:101)
==8048==    by 0x58BD25D: get_init_creds_keytab (gic_keytab.c:229)
==8048==    by 0x58BD377: krb5_get_init_creds_keytab (gic_keytab.c:271)
==8048==    by 0xC2477F9: get_krb5_tgt (krb5_helper.c:176)


Expected results:
No leaks :-)


Additional info:
AFAIK the memory leak originates in lookup_etypes_for_keytab() function. File gic_keytab.c:101 contains krb5_kt_next_entry() call in a loop, but there is no krb5_kt_free_entry() call in this loop.

See code example in manual page http://www.unix.com/man-page/all/3/krb5_kt_free_entry/
Comment 1 Nalin Dahyabhai 2013-02-28 20:37:17 UTC 
(In reply to comment #0)> AFAIK the memory leak originates in lookup_etypes_for_keytab() function.
> File gic_keytab.c:101 contains krb5_kt_next_entry() call in a loop, but
> there is no krb5_kt_free_entry() call in this loop.

Looks like you're right: there's supposed to be some krb5_free_keytab_entry_contents() action in there.
Comment 2 Nalin Dahyabhai 2013-02-28 20:41:35 UTC 
Created attachment 703982 [details]
proposed patch
Comment 3 Petr Spacek 2013-03-04 11:34:19 UTC 
krb5-1.10.2-8.fc17 fixed the problem on my system, thank you!
Comment 4 Fedora Update System 2013-03-05 18:43:59 UTC 
krb5-1.10.2-9.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/FEDORA-2013-3116/krb5-1.10.2-9.fc17
Comment 5 Fedora Update System 2013-03-05 18:44:18 UTC 
krb5-1.10.3-14.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/FEDORA-2013-3147/krb5-1.10.3-14.fc18
Comment 6 Fedora Update System 2013-03-05 18:45:39 UTC 
krb5-1.10.2-9.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/FEDORA-2013-3116/krb5-1.10.2-9.fc17
Comment 7 Fedora Update System 2013-03-06 23:03:52 UTC 
Package krb5-1.10.3-14.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing krb5-1.10.3-14.fc18'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-3147/krb5-1.10.3-14.fc18
then log in and leave karma (feedback).
Comment 8 Fedora Update System 2013-03-16 01:31:10 UTC 
krb5-1.10.2-9.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2013-03-22 21:07:58 UTC 
krb5-1.10.3-14.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.