[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ldap_sasl_interactive_bind_s leaks? (ITS#2423)

> -----Original Message-----
> From: owner-openldap-bugs@OpenLDAP.org
> [mailto:owner-openldap-bugs@OpenLDAP.org]On Behalf Of igor@ipass.net

> Full_Name: Igor Brezac
> Version: 2.1.16
> OS: Solaris 9
> URL:
> ftp://ftp.openldap.org/incoming/ldap_sasl_interactive_bind_s.leak.c
> Submission from: (NULL) (
> My testing shows a leak in ldap_sasl_interactive_bind_s().  I
> tried to chase the
> leak with fnccheck, but after compiling both openldap and my
> testing program for
> profiling, fncdump dumps itself.

It works for me...

>  Anyway,
> ldap_sasl_interactive_bind_s() frees
> SASL_INTERACT prompt result, but I do not think it frees
> other prompt buffers.
> I looked throught sources for ldapsearch and slurpd, but I
> did not find ways to
> free the buffers allocated in _ldap_interact.

It appears that _ldap_interact doesn't need to malloc the result at all. We
can fix this easily enough. However there appear to be more leaks in Cyrus
SASL itself, at least with the DIGEST-MD5 mech. I haven't profiled my
libsasl2 yet so I haven't tracked these down.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support