#1409 Resource leak in sssdpac_import_authdata
Closed: Fixed None Opened 8 years ago by sgallagh.

98
CID 12799: Resource leak (RESOURCE_LEAK)Calling allocation function "sss_pac_make_request" on "repbuf". [show details]
 99    ret = sss_pac_make_request(SSS_PAC_ADD_PAC_USER, &sss_data,
100                               &repbuf, &replen, &errnop);
At conditional (1): "ret != 0" taking the true branch.
101    if (ret != 0) {
102        /* Ignore the error */
103    }
104
At conditional (2): "authdata[0]->length > 0U" taking the true branch.
105    if (authdata[0]->length > 0) {
106        data = malloc(sizeof(char) * authdata[0]->length);
At conditional (3): "data == NULL" taking the false branch.
107        if (data == NULL) {
108            return ENOMEM;
109        }
110        memcpy(data, authdata[0]->contents, authdata[0]->length);
111    }
112
At conditional (4): "sssdctx->data.data != NULL" taking the true branch.
113    if (sssdctx->data.data != NULL) {
114        krb5_free_data_contents(kcontext, &sssdctx->data);
115    }
116
117    sssdctx->data.length = authdata[0]->length;
118    sssdctx->data.data = data;
Variable "repbuf" going out of scope leaks the storage it points to.
119    return 0;
120}

Fields changed

patch: 0 => 1
rhbz: => 0

Fixed by 8d04d44

component: SSSD => PAC Responder
milestone: NEEDS_TRIAGE => SSSD 1.9.0 beta 4
resolution: => fixed
status: new => closed

Metadata Update from @sgallagh:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.9.0 beta 4

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2451

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata