#3156 nss_sss might leak memory when calling thread goes away
Closed: Fixed None Opened 5 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 1369130

/usr/lib64/libnss_sss.so.2 in sssd-client-1.13.4-4.fc24.x86_64 is linked
against libpthread.  This causes problems when static binaries attempt to use
NSS-based functions:


It also increases the risk for symbol collisions with the application binary.

What libpthread functionality do you *really* need which is not in libc.so.6?

Fields changed

blockedby: =>
blocking: =>
cc: => fweimer@redhat.com
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
review: True => 0
selected: =>
testsupdated: => 0

This ticket is more about a possible resource leak that Florian found in the code. From the linked bugzilla:
The fix is likely wrong. It does release the lock, but you end up with whatever internal state you had at the point of cancellation. If that is not fully consistent, an application which has canceled a NSS operation will experience rather subtle bugs.

There also seem to be resource leaks, e.g. sss_cli_recv_rep could leak the buffer if cancellation happens after the malloc call.

If you do not want to make the entire code cancellation-safe, you should defer cancellation on entry to nss_sss. Or maybe we should change glibc so that it does that automatically for you. I don't think many of the existing NSS modules are written with cancellation in mind.

summary: nss_sss should not link against libpthread => nss_sss might leak memory when calling thread goes away

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.16 beta

Note that this is a none-issue once you disable (deferred) cancellation because the thread will no longer perform a non-local exit in this case.


milestone: SSSD Future releases (no date set yet) => SSSD 1.15 Alpha
resolution: => fixed
status: new => closed

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.0

5 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4189

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.