[24453] in Kerberos
Memory Leak problems with krb5_get_init_creds_password?
daemon@ATHENA.MIT.EDU (Chet Burgess)
Fri Aug 12 20:45:43 2005
Content-return: prohibited
Date: Fri, 12 Aug 2005 17:44:21 -0700
From: Chet Burgess <cfb@usc.edu>
To: kerberos@mit.edu
Mail-followup-to: kerberos@mit.edu
Message-id: <20050813004421.GA18991@usc.edu>
MIME-version: 1.0
Content-Type: multipart/mixed; boundary="===============50353302783428511=="
Errors-To: kerberos-bounces@mit.edu
--===============50353302783428511==
Content-return: prohibited
Content-type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary=oyUTqETQ0mS9luUI
Content-disposition: inline
--oyUTqETQ0mS9luUI
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
All,
I am having a problem with the krb5_get_init_creds_password
API call. It looks like it is causing a memory leak, or perhaps I am
not freeing things properly. I am trying to write a pretty simple
plugin to an existing application to do kerberos authentication. While
I got everything working properly and authenticating, during a 12-hour
stress test I noticed a 4.5GB memory leak.
I have written a simple program that exploits. The simple
program is included at the bottom of the message. I saw messages from
September of 2004 about a similiar problem with this function call,
but I never saw any resolution to this problem. I have observed this
problem using versions 5-1.4.1 (32-bit), 5-1.4.1 (64-bit), and 5-1.4.2
(64-bit) all compiled on Solaris 9 with the Sun Forte compiler (note
that I have not yet compiled/tested this on a 32-bit version of
5-1.4.2, but at this point I don't think that matters).=20
So does anyone have any ideas? Am I calling something
incorrectly, or not freeing memory when I should be?
--example program--
#include <stdio.h>
#include <string.h>
#include <krb5.h>
#define PRINC "blah@REALM.COM"
#define PASS "password"
int
main(int argc, char **argv) {
int r =3D 0;
krb5_context krb_context =3D 0; /* Kerberos context */
krb5_principal krb_princ =3D 0; /* Kerberos principal */
krb5_creds krb_creds; /* Kerberos credentials */
while (1) {
memset(&krb_creds, 0, sizeof(krb_creds));=20
if ((r =3D krb5_init_context(&krb_context)) !=3D 0) {
printf("Could not init krb_contexti: %s\n", error_message(r));
goto cleanup;
}=20
if ((r =3D krb5_parse_name(krb_context, PRINC, &krb_princ)) !=3D 0) {
printf("Could not build krb_princ: %s\n", error_message(r));
goto cleanup;
}
if ((r =3D krb5_get_init_creds_password(krb_context, &krb_creds,
krb_princ, PASS, NULL, 0, 0,
NULL, 0)) !=3D 0) {
printf("Kerb auth failed: %s\n", error_message(r));
goto cleanup;
}
=20
printf("Auth successful!\n");
goto cleanup;
=20
cleanup:
krb5_free_creds(krb_context, &krb_creds);
if (krb_princ) krb5_free_principal(krb_context, krb_princ);
if (krb_context) krb5_free_context(krb_context);
}
}
--=20
Chet Burgess
Manager, Enterprise Collaboration Services
Information Services Division
University of Southern California
cfb@usc.edu
213-740-5160
--oyUTqETQ0mS9luUI
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (SunOS)
iD8DBQFC/UJkNgnmTPwvyfARAgBfAJ9AyPkdHH2gxfZeq1hlRReaj9gOnwCff9Pz
m/GVg6g0UiCC96UIhEANOEc=
=HFDq
-----END PGP SIGNATURE-----
--oyUTqETQ0mS9luUI--
--===============50353302783428511==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
--===============50353302783428511==--