Package: libkrb5 Version: 1.8.3+dfsg~beta1-1 Severity: important I found two memory leaks in krb5_get_init_creds_password. It leaks two blocks of memory for every call. The using code is a low level python wrapper using ctypes.
valgrind report: | ==8969== definitely lost: 96 bytes in 2 blocks | ==8969== indirectly lost: 64 bytes in 2 blocks First leak: | ==8969== 40 (16 direct, 24 indirect) bytes in 1 blocks are definitely lost in loss record 38 of 423 | ==8969== at 0x4C244E8: malloc (vg_replace_malloc.c:236) | ==8969== by 0x4C24562: realloc (vg_replace_malloc.c:525) | ==8969== by 0x6B7F4DC: krb5_init_creds_step (get_in_tkt.c:630) | ==8969== by 0x6B7FF19: init_creds_get (get_in_tkt.c:1078) | ==8969== by 0x6B80026: krb5int_get_init_creds (get_in_tkt.c:2110) | ==8969== by 0x6B82153: krb5_get_init_creds_password (gic_pwd.c:154) The function request_enc_pa_rep allocates krb5_pa_data (krb5_init_creds_context->request->padata). This field it not freed in krb5_init_creds_free. Second leak: | ==8969== 120 (80 direct, 40 indirect) bytes in 1 blocks are definitely lost in loss record 55 of 423 | ==8969== at 0x4C2380C: calloc (vg_replace_malloc.c:467) | ==8969== by 0x6B8148F: krb5int_gic_opte_alloc (gic_opt.c:172) | ==8969== by 0x6B81A49: krb5_get_init_creds_opt_alloc (gic_opt.c:200) | ==8969== by 0x6B7E80C: krb5_init_creds_init (get_in_tkt.c:1335) | ==8969== by 0x6B7FFE2: krb5int_get_init_creds (get_in_tkt.c:2091) | ==8969== by 0x6B82153: krb5_get_init_creds_password (gic_pwd.c:154) If krb5_init_creds_init gets a NULL for the krb5_get_init_creds_opt attribute, such a structure is allocated, but it is never freed. Bastian -- Star Trek Lives!
signature.asc
Description: Digital signature
