Memory Leak problems with krb5_get_init_creds_password?

Chet Burgess Fri, 12 Aug 2005 17:47:51 -0700

All,
        I am having a problem with the krb5_get_init_creds_password
API call. It looks like it is causing a memory leak, or perhaps I am
not freeing things properly. I am trying to write a pretty simple
plugin to an existing application to do kerberos authentication. While
I got everything working properly and authenticating, during a 12-hour
stress test I noticed a 4.5GB memory leak.


        I have written a simple program that exploits. The simple
program is included at the bottom of the message. I saw messages from
September of 2004 about a similiar problem with this function call,
but I never saw any resolution to this problem. I have observed this
problem using versions 5-1.4.1 (32-bit), 5-1.4.1 (64-bit), and 5-1.4.2
(64-bit) all compiled on Solaris 9 with the Sun Forte compiler (note
that I have not yet compiled/tested this on a 32-bit version of
5-1.4.2, but at this point I don't think that matters). 

        So does anyone have any ideas? Am I calling something
incorrectly, or not freeing memory when I should be?

--example program--

#include <stdio.h>
#include <string.h>
#include <krb5.h>

#define PRINC "[EMAIL PROTECTED]"
#define PASS "password"

int
main(int argc, char **argv) {

  int            r = 0;
  krb5_context   krb_context = 0;      /* Kerberos context      */
  krb5_principal krb_princ = 0;        /* Kerberos principal    */
  krb5_creds     krb_creds;            /* Kerberos credentials  */

  while (1) {
    memset(&krb_creds, 0, sizeof(krb_creds)); 
    if ((r = krb5_init_context(&krb_context)) != 0) {
      printf("Could not init krb_contexti: %s\n", error_message(r));
      goto cleanup;
    } 
    if ((r = krb5_parse_name(krb_context, PRINC, &krb_princ)) != 0) {
      printf("Could not build krb_princ: %s\n", error_message(r));
      goto cleanup;
    }
    if ((r = krb5_get_init_creds_password(krb_context, &krb_creds,
                                          krb_princ, PASS, NULL, 0, 0,
                                          NULL, 0)) != 0) {
      printf("Kerb auth failed: %s\n", error_message(r));
      goto cleanup;
    }
    
    printf("Auth successful!\n");
    goto cleanup;
    
  cleanup:
    krb5_free_creds(krb_context, &krb_creds);
    if (krb_princ) krb5_free_principal(krb_context, krb_princ);
    if (krb_context) krb5_free_context(krb_context);
  }
}

-- 
Chet Burgess

Manager, Enterprise Collaboration Services
Information Services Division
University of Southern California
[EMAIL PROTECTED]
213-740-5160

pgp6p33po0vI7.pgp
Description: PGP signature

________________________________________________
Kerberos mailing list           [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos

Memory Leak problems with krb5_get_init_creds_password?

Reply via email to