[6880] in Kerberos


Re: fd leak in gss-server.c?

daemon@ATHENA.MIT.EDU (John Stewart)
Wed Mar 13 20:51:27 1996

To: kerberos@MIT.EDU
Date: 13 Mar 1996 23:15:50 GMT
From: jns@cisco.com (John Stewart)



Scott, we've talked about this over email, but here are the patches
I've designed to fix this problem (found at the bottom).  I would
appreciate the MIT folx commenting on it.

To be applied to the source found in src/lib/krb5/rcache/.

--J
	
John Stewart       Systems Administrator/Web Developer  Email: jns@cisco.com
Adv. Customer Systems       Where no one                Phone: +1.408.526.8499
Cisco Systems, Inc.       has gone before...            FAX:   +1.408.526.8787





In article <DnzJ9q.8Cz@talarian.com> scott@talarian.com (Scott Weitzenkamp) writes:

   Newsgroups: comp.protocols.kerberos
   Path: cronkite.cisco.com!decwrl!amd!netcomsv!uu4news.netcom.com!conan!scott
   From: scott@talarian.com (Scott Weitzenkamp)
   Organization: Talarian Corporation
   Date: Sat, 9 Mar 1996 05:29:04 GMT
   Lines: 31


   I am using V5B5 on SunOS 4.1.4 and Solaris 2.4, and I noticed that
   gss-server crashes after running gss-client a few dozen times.  There
   appears to be a file descriptor leak somewhere in gss-server.c, the
   GSS-API code, or in Kerberos itself!

   Here's where Purify says all the leaks are coming from:

   FIU: file descriptor 32: "/home/scott/rc_sample", O_RDWR
      * File info: -rw-------  1 scott    rtworks      10467 Mar  8 21:20
      * File position: 10467
      * This file descriptor was allocated from:
	   open           [rtlib.o]
	   krb5_rc_io_open [libkrb5.a]
	   krb5_rc_dfl_recover [libkrb5.a]
	   krb5_get_server_rcache [libkrb5.a]
	   krb5_rd_req    [libkrb5.a]
	   krb5_gss_accept_sec_context [libgssapi_krb5.a]
	   gss_accept_sec_context [libgssapi_krb5.a]
	   server_establish_context [gss-server.c:351]
	   sign_server    [gss-server.c:197]
	   main           [gss-server.c:96]
	   start          [crt0.o]

   Does anybody know how to fix this?

   -- 
   Thanks in advance...
   Scott Weitzenkamp, Talarian Corporation, Mountain View, CA
   scott@talarian.com	(415) 965-8050
   "Welcome to the late show, starring NULL and void" -- Men At Work

-----=-----=-----=-----=-----=-----=-----=-----=-----=-----=-----=-----

--- rc_io.c	1996/03/12 20:06:39	1.1
+++ rc_io.c	1996/03/13 00:32:54
@@ -139,13 +139,14 @@
     if ((retval = krb5_rc_io_write(context, d, (krb5_pointer)&rc_vno, sizeof(rc_vno))) ||
 	(retval = krb5_rc_io_sync(context, d)))
     {
-    fail:
-     (void) unlink(d->fn);
-     FREE(d->fn);
+      fail:
+	(void) unlink(d->fn);
+	FREE(d->fn);
 	d->fn = NULL;
-     (void) close(d->fd);
-     return retval;
- }
+	printf("We had failure\n");
+	(void) close(d->fd);
+	return retval;
+    }
  return 0;
 }
 
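Review bot: the printf("We had failure\n") added in the fail: path writes to stdout from library code. A server linked against libkrb5 may have stdout attached to its client connection, or closed, so the failure should be reported through retval alone, or through a debug macro that writes to stderr and is compiled out by default. The remaining changed lines in this hunk only re-indent existing statements; sending whitespace changes as a separate patch would make the functional change easier to see.
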
@@ -170,17 +171,20 @@
 #ifdef NO_USERID
  d->fd = open(d->fn,O_RDWR | O_BINARY,0600);
 #else
- if ((d->fd = stat(d->fn, &statb)) != -1) {
+ printf("d->fd: %d\n", d->fd);
+ if ((d->fd == -1) || (fstat(d->fd, &statb) == -1)) {
+   if ((d->fd = stat(d->fn, &statb)) != -1) {
      uid_t me;
 
      me = getuid();
      /* must be owned by this user, to prevent some security problems with
-	 * other users modifying replay cache stufff */
+	 * other users modifying replay cache stuff */
      if ((statb.st_uid != me) || ((statb.st_mode & S_IFMT) != S_IFREG)) {
 	 FREE(d->fn);
 	 return KRB5_RC_IO_PERM;
      }
      d->fd = open(d->fn,O_RDWR | O_BINARY,0600);
+   }
  }
 #endif
  if (d->fd == -1) {
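
Review bot: the new guard "(d->fd == -1) || (fstat(d->fd, &statb) == -1)" assumes d->fd is always either -1 or a live descriptor for this replay cache, and the visible code does not guarantee that. "d->fd = stat(d->fn, &statb)" stores stat's 0 in d->fd, and the KRB5_RC_IO_PERM return leaves it at 0, so a later call on the same handle would fstat descriptor 0 successfully and skip both the ownership check and the open. Keep stat's result in a local variable, set d->fd = -1 on that error path, and make sure a fresh handle starts at -1. Opening first and running the st_uid and S_IFREG checks with fstat on the new descriptor would also remove the window between stat and open. The leading printf of d->fd is debug output and should be dropped.
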
@@ -219,6 +223,7 @@
     unlk:
 	unlink(d->fn);
     fail:
+     printf("We had failure\n");
      (void) close(d->fd);
      FREE(d->fn); 
 	d->fn = NULL;
@@ -306,6 +311,7 @@
 {
  FREE(d->fn);
  d->fn = NULL;
+ printf("Closing d->fd %d\n", d->fd);
  if (close(d->fd) == -1) /* can't happen */
    return KRB5_RC_IO_UNKNOWN;
  return 0;
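
Review bot: after close(d->fd) here, d->fd keeps its old number. The open path in this same patch now decides whether to reopen by testing d->fd == -1 and calling fstat(d->fd), so this function should set d->fd = -1 once the close has been attempted; otherwise a later open can fstat a descriptor number that has since been reused for an unrelated file and treat it as the replay cache. The "Closing d->fd" printf is debug output and should be removed as well.
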
@@ -356,4 +362,3 @@
     else
 	return 0;
 }
-    
--- rc_dfl.c	1996/03/12 02:05:50	1.1
+++ rc_dfl.c	1996/03/13 22:45:20
@@ -512,6 +512,7 @@
     {
 	if (krb5_rc_io_sync(context, &t->d))
 	    return KRB5_RC_IO;
+	(void)krb5_rc_dfl_close(context, id);
     }
 #endif
  return 0;
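
Review bot: the added krb5_rc_dfl_close call sits after the sync check, so when krb5_rc_io_sync fails the "return KRB5_RC_IO" above it leaves without closing and the descriptor still leaks on that path. The call is also inside the conditional region that ends at #endif, so builds that do not compile that region get no close at all, and the (void) cast discards any error from the close. Please confirm that no caller uses id after this function returns, since it is now closed here, and consider doing the close on a single exit path that covers both the success and the failure case.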
