memory leak on 2.2.0?

Kenichi Okuyama okuyamak at dd.iij4u.or.jp
Wed Apr 18 08:00:32 GMT 2001


Dear all,

In

 samba-2.2.0/source/smbd/sec_ctx.c:L137 
 int get_current_groups(int *p_ngroups, gid_t **p_groups)

there seems to be a memory leak here. The biggest problem is,
I don't really understand how to fix it, yet. But just because I can
point out the problem, here it is:

This is the problem point

150:	if((groups = (gid_t *)malloc(sizeof(gid_t)*ngroups)) == NULL) {
151:		DEBUG(0,("setup_groups malloc fail !\n"));
152:		return -1;
153:	}
154:
155:	if ((ngroups = sys_getgroups(ngroups,groups)) == -1)
156:		return -1;

At line 150, you malloc a new chunk and set the pointer 'groups' there.
And let's suppose we did not fail here.

Then, at line 155, we call sys_getgroups(). And suppose we failed.
We return without freeing 'groups', which nobody will manage now.
This will cause a memory leak.


I'm quite sure that line 155- should be something like:

	if ((ngroups = sys_getgroups(ngroups,groups)) == -1) {
		free( groups );
		return -1;
	}

But I don't really know if this is all we need to do.
# We might need to do something more.

So, I'm not making this change as a patch, but only pointing out the
problem.


best regards,
---- 
Kenichi Okuyama at Tokyo Research Lab, IBM-Japan, Co.
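
Added example, not part of the original post and not Samba's code: a reduced C model of the error path described above, showing that the early return orphans the buffer and that freeing it before the return does not. The names stub_getgroups, counted_malloc, counted_free, get_groups, free_on_error and orphaned_buffers are hypothetical, and the size-0 count query in the stub is an assumption.

```c
#include <stdlib.h>
#include <sys/types.h>
/* Constructed scaffolding: count live buffers so a leak is observable. */
static int live_allocs, fail_fill;
static void *last_alloc;
static void *counted_malloc(size_t n)
{
    if ((last_alloc = malloc(n)) != NULL) live_allocs++;
    return last_alloc;
}
static void counted_free(void *p) { if (p) { live_allocs--; free(p); } }

/* Hypothetical stand-in for sys_getgroups(): size 0 asks for the count. */
static int stub_getgroups(int size, gid_t *list)
{
    if (size == 0) return 3;
    if (fail_fill) return -1;          /* simulated failure of the fill call */
    for (int i = 0; i < size; i++) list[i] = (gid_t)(100 + i);
    return size;
}

/* Reduced form of the function in the post; free_on_error selects the fix. */
static int get_groups(int free_on_error, int *p_ngroups, gid_t **p_groups)
{
    int ngroups = stub_getgroups(0, NULL);
    gid_t *groups;
    if ((groups = counted_malloc(sizeof(gid_t) * ngroups)) == NULL) return -1;
    if ((ngroups = stub_getgroups(ngroups, groups)) == -1) {
        if (free_on_error)
            counted_free(groups);      /* the change proposed in the post */
        return -1;                     /* otherwise nothing references 'groups' */
    }
    *p_ngroups = ngroups;
    *p_groups = groups;
    return 0;
}

/* One call; returns the buffers left allocated that no caller was handed. */
int orphaned_buffers(int free_on_error, int fail)
{
    int n = 0, orphaned;
    gid_t *g = NULL;
    live_allocs = 0;
    fail_fill = fail;
    if (get_groups(free_on_error, &n, &g) == 0)
        counted_free(g);               /* success: the caller releases it */
    orphaned = live_allocs;
    if (orphaned) free(last_alloc);    /* reclaim so the demo itself is clean */
    return orphaned;
}
```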



