ehlo,
the patch for ticket "functions with reference leaks within sssd"
#1195 was not tested proerly and double free was introduced.
Simple patch is attached.
LS
>From dc2294bc0df4ac9798cf976861e00db83f047653 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lsleb...@redhat.com>
Date: Thu, 29 Jan 2015 08:10:36 +0100
Subject: [PATCH] pysss: Fix double free
The talloc context is removed in destructor.
==1695== Invalid read of size 4
==1695== at 0x1243D0CD: talloc_chunk_from_ptr (talloc.c:372)
==1695== by 0x1243D0CD: _talloc_free (talloc.c:1559)
==1695== by 0x117B18C3: PySssLocalObject_dealloc (pysss.c:836)
==1695== by 0x117B1AEE: PySssLocalObject_new (pysss.c:898)
==1695== by 0x4ED5522: type_call (typeobject.c:729)
==1695== by 0x4E7F902: PyObject_Call (abstract.c:2529)
==1695== by 0x4F15584: do_call (ceval.c:4328)
==1695== by 0x4F15584: call_function (ceval.c:4133)
==1695== by 0x4F15584: PyEval_EvalFrameEx (ceval.c:2753)
==1695== by 0x4F16BE5: fast_function (ceval.c:4196)
==1695== by 0x4F16BE5: call_function (ceval.c:4131)
==1695== by 0x4F16BE5: PyEval_EvalFrameEx (ceval.c:2753)
==1695== by 0x4F183FF: PyEval_EvalCodeEx (ceval.c:3342)
==1695== by 0x4EA46BC: function_call (funcobject.c:526)
==1695== by 0x4E7F902: PyObject_Call (abstract.c:2529)
==1695== by 0x4F1504F: ext_do_call (ceval.c:4423)
==1695== by 0x4F1504F: PyEval_EvalFrameEx (ceval.c:2792)
==1695== by 0x4F183FF: PyEval_EvalCodeEx (ceval.c:3342)
==1695== Address 0x112d4560 is 64 bytes inside a block of size 96 free'd
==1695== at 0x4C2ACE9: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1695== by 0x1243D2F2: _talloc_free_internal (talloc.c:1057)
==1695== by 0x1243D2F2: _talloc_free (talloc.c:1581)
==1695== by 0x117B1ABF: PySssLocalObject_new (pysss.c:876)
==1695== by 0x4ED5522: type_call (typeobject.c:729)
==1695== by 0x4E7F902: PyObject_Call (abstract.c:2529)
==1695== by 0x4F15584: do_call (ceval.c:4328)
==1695== by 0x4F15584: call_function (ceval.c:4133)
==1695== by 0x4F15584: PyEval_EvalFrameEx (ceval.c:2753)
==1695== by 0x4F16BE5: fast_function (ceval.c:4196)
==1695== by 0x4F16BE5: call_function (ceval.c:4131)
==1695== by 0x4F16BE5: PyEval_EvalFrameEx (ceval.c:2753)
==1695== by 0x4F183FF: PyEval_EvalCodeEx (ceval.c:3342)
==1695== by 0x4EA46BC: function_call (funcobject.c:526)
==1695== by 0x4E7F902: PyObject_Call (abstract.c:2529)
==1695== by 0x4F1504F: ext_do_call (ceval.c:4423)
==1695== by 0x4F1504F: PyEval_EvalFrameEx (ceval.c:2792)
==1695== by 0x4F183FF: PyEval_EvalCodeEx (ceval.c:3342)
---
src/python/pysss.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/src/python/pysss.c b/src/python/pysss.c
index
684ad72b1c0468bd2327d2b0ec87b5aa7348c349..50f80421739e579ff94e5b8d1c5b97433b460e06
100644
--- a/src/python/pysss.c
+++ b/src/python/pysss.c
@@ -865,7 +865,6 @@ static PyObject *PySssLocalObject_new(PyTypeObject *type,
confdb_path = talloc_asprintf(self->mem_ctx, "%s/%s", DB_PATH,
CONFDB_FILE);
if (confdb_path == NULL) {
- talloc_free(mem_ctx);
PyErr_NoMemory();
goto fail;
}
@@ -873,7 +872,6 @@ static PyObject *PySssLocalObject_new(PyTypeObject *type,
/* Connect to the conf db */
ret = confdb_init(self->mem_ctx, &self->confdb, confdb_path);
if (ret != EOK) {
- talloc_free(mem_ctx);
PyErr_SetSssErrorWithMessage(ret,
"Could not initialize connection to the confdb\n");
goto fail;
@@ -882,7 +880,6 @@ static PyObject *PySssLocalObject_new(PyTypeObject *type,
ret = sssd_domain_init(self->mem_ctx, self->confdb, "local",
DB_PATH, &self->local);
if (ret != EOK) {
- talloc_free(mem_ctx);
PyErr_SetSssErrorWithMessage(ret,
"Could not initialize connection to the sysdb\n");
goto fail;
--
2.1.0
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
