svn commit: samba r8627 - in branches/SAMBA_4_0/source/smb_server: .

tridge at samba.org tridge at samba.org
Wed Jul 20 04:19:45 GMT 2005 

Author: tridge
Date: 2005-07-20 04:19:45 +0000 (Wed, 20 Jul 2005)
New Revision: 8627

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8627

Log:
fixed a big memory leak in the spnego gensec code in session
setup. Andrew, please check over this.

What happens is this:

 - run the BASE-SECLEAK test
 - with each failed session setup using spnego a gensec ctx is leaked into the smb_conn structure
 - after the client disconnects these are finally cleaned up as they
   are all children of the connection structure
 - the cleanup of the millions of memory objects takes long enough
   that the next operation in test_posix.sh sometimes fails with a timeout

Andrew, can you also look at the talloc_reference() on line 332 of
sesssetup.c ? I suspect it isn't needed (I don't think it does any
actual harm though)

Modified:
   branches/SAMBA_4_0/source/smb_server/sesssetup.c


Changeset:
Modified: branches/SAMBA_4_0/source/smb_server/sesssetup.c
===================================================================
--- branches/SAMBA_4_0/source/smb_server/sesssetup.c	2005-07-20 02:15:43 UTC (rev 8626)
+++ branches/SAMBA_4_0/source/smb_server/sesssetup.c	2005-07-20 04:19:45 UTC (rev 8627)
@@ -247,7 +247,7 @@
 {
 	NTSTATUS status = NT_STATUS_ACCESS_DENIED;
 	struct smbsrv_session *smb_sess;
-	struct gensec_security *gensec_ctx ;
+	struct gensec_security *gensec_ctx;
 	struct auth_session_info *session_info = NULL;
 	uint16_t vuid;
 
@@ -270,7 +270,7 @@
 		gensec_ctx = smb_sess->gensec_ctx;
 		status = gensec_update(gensec_ctx, req, sess->spnego.in.secblob, &sess->spnego.out.secblob);
 	} else {
-		status = gensec_server_start(req->smb_conn, &gensec_ctx,
+		status = gensec_server_start(req, &gensec_ctx,
 					     req->smb_conn->connection->event.ctx);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
@@ -327,6 +327,7 @@
 			return NT_STATUS_ACCESS_DENIED;
 		}
 		req->session = smb_sess;
+		talloc_steal(smb_sess, gensec_ctx);
 	} else {
 		smb_sess->session_info = talloc_reference(smb_sess, session_info);
 	}

More information about the samba-cvs mailing list