[Samba4] Memory leaks in authentication code

Andrew Bartlett abartlet at samba.org
Sat Sep 24 03:30:30 GMT 2005

On Fri, 2005-09-23 at 16:36 -0400, Karl Melcher wrote:
> I have identified a few more minor memory leaks in the authentication code.
> Mostly blocks of data talloc'ed with a NULL source pointer. Most of these
> don't seem to have handy memory contexts to hang the new pointers onto. The
> combined affect is about 140 bytes when authenticating a client connection
> against a Win 2003 server.

Yes, this is a known problem.  Tridge plugged some of these issues, but
I offered to chase up pushing proper talloc contexts down to all the
right places.  I then got distracted again, and it remains a 'TODO'.  

> (1)
> source/libcli/util/asn1.c:
> BOOL asn1_read_OID(...)
> tmp_oid = talloc_asprintf(NULL, "%u", b/40);
> (2)
> // This one is self contained and can be fixed with simple talloc context
> init/free
> source/libcli/util/asn1.c:
> BOOL asn1_read_LDAPString(struct asn1_data *data, char **s)
> *s = talloc_size(NULL, len+1);
> (3)
> source/auth/gensec/spnego_parse.c
> BOOL read_negTokenInit( ... )
> token->mechTypes = talloc(NULL, const char *);
> ...
> token->mechTypes = talloc_realloc(NULL, ...

If you want to knock up a patch for this, or the more general problem
I'm happy to work it though with you, otherwise I can fix these
short-term and hopefully get to my TODO list eventually.  (I so need a
clone or two for all this work :-)

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.        http://suse.de
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050924/6233115d/attachment.bin

More information about the samba-technical mailing list