Has anyone experience memory leaks with PAM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I am experiencing a rather large memory leaks when using pam and the krb5
perl mod from RedHat.

I am using this via the radius server radiator and am working around it
at the moment by using fork.  I would like to get a fix for the leak.  Any
ideas on where to go for help on this??

Thanks,

Mike Forbes


Output from yamd is also included.

I have attached a simple program that demonstrates the problem. If you
edit it for a valid username and password, compile it with:

 gcc -g -o pam pam.c -lpam

it will grow without bounds

Yamd shows that there is a major memory loss (2 blocks of 8192 bytes) deep
inside the PAM library for each iteration:

> WARNING: Memory leak
> Address 0x4062d000, size 8192
> Allocated by realloc at
> BEGIN TRACEBACK
> ./pam(__libc_realloc+0x31)[0x4207afa1]
> [0x404ebf60]
> [0x404ed172]
> [0x404e95c5]
> /lib/libpam.so.0[0x40038b52]
> /lib/libpam.so.0(_pam_dispatch+0x1b0)[0x40038e80]
> [0x4024aaec]
> [0x40249ccd]
> /lib/libpam.so.0[0x40038b52]
> /lib/libpam.so.0(_pam_dispatch+0x1b0)[0x40038e80]
> /lib/libpam.so.0(pam_authenticate+0x6b)[0x4003a60f]
> ./pam(pam_start+0x252)[0x80487b6]
> ./pam(__libc_start_main+0x95)[0x42017499]
> ./pam(pam_start+0x4d)[0x80485b1]
> END TRACEBACK
> Realloced from NULL
>

 #include <security/pam_appl.h>

char* username = "mikem";
char* password = "mycorrectpassword";
char* service = "login";

int conv(int num_msg, const struct pam_message **msg,
                struct pam_response **resp, void *appdata_ptr)
{
  int i;

  struct pam_response *reply;
  reply = (struct pam_response *)malloc(num_msg * sizeof(struct
pam_response));
  for (i = 0; i < num_msg; i++)
    {
      //      printf("its %d, %s\n", (*msg)[i].msg_style, (*msg)[i].msg);
      reply[i].resp_retcode = 0;
      reply[i].resp = (char *)strdup(password);
    }
  *resp = reply;
  return 0;
}

main()
{
  int result;
  pam_handle_t *        pamh;
  struct pam_conv       pam_conv;
  int i = 0;
  pam_conv.conv = &conv;
  while (i++ < 1000000)
    {
      result = pam_start(service, username, &pam_conv, &pamh);
      if (result == PAM_SUCCESS)
        {
          result = pam_authenticate(pamh, 0);
          //printf("pam_auth result %d\n", result);
          pam_end(pamh, 0);
        }
    }
}
[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux