source: npl/system/nss_ldap/patches/fix_ldap_sessions_mem_leak.patch

Last change on this file was c5c522c, checked in by Edwin Eefting <edwin@datux.nl>, 9 years ago

initial commit, transferred from cleaned syn3 svn tree
  • Property mode set to 100644
File size: 2.3 KB

  • ldap-nss.c 

    Description: Fix memory leak in libnss-ldap
  A memory leak in libnss-ldap over time can cause the nscd process to 
  grow extremely large. 
  .
  The ldap-nss.c do_init() may be called more then once, to initialize an 
  ldap session and save the session in __session.ls_conn and 
  set the __session.ls_stat = LD_INITIALIZED. But it does not check the 
  state to see if has be initialized, and
  at line 1239: __session.ls_conn = NULL;
Bug: http://bugzilla.padl.com/show_bug.cgi?id=418
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/292971
Author: Doug Engert <deengert@anl.gov>
Reviewed-by: Mathias Gug <mathiaz@ubuntu.com>
Reviewed-by: Kees Cook <kees@ubuntu.com>
    a b static void do_atfork_child (void); 
    184184static void do_atfork_setup (void);
    185185#endif
    186186
     187static void do_atexit (void);  /* allow exit to cleanup to help valgrind */
    187188/*
    188189 * Close the global session, sending an unbind.
    189190 */
    do_atfork_setup (void) 
    551552  (void) __libc_atfork (do_atfork_prepare, do_atfork_parent, do_atfork_child);
    552553#endif
    553554
     555atexit(do_atexit); /* allow exit to cleanup to help valgrind */
     556
    554557  debug ("<== do_atfork_setup");
    555558}
    556559#endif
    557560
    558561/*
     562 * allow exit to cleanup to help valgrind
     563 */
     564void
     565do_atexit (void)
     566{
     567  debug ("<== do_atexit");
     568  _nss_ldap_enter();
     569  do_close();
     570  debug ("==> do_atexit (should be no more activity)");
     571}
     572
     573/*
    559574 * Acquires global lock, blocks SIGPIPE.
    560575 */
    561576void
    do_init (void) 
    12341249        }
    12351250    }
    12361251
    1237   __session.ls_conn = NULL;
     1252/* LOOKS LIKE A PROBLEM. COULD BE INITIALIZED, BUT NOT CONNECTED */
     1253  if (__session.ls_state == LS_UNINITIALIZED) {
    12381254  __session.ls_timestamp = 0;
    1239   __session.ls_state = LS_UNINITIALIZED;
    12401255
    12411256#if defined(HAVE_PTHREAD_ONCE) && defined(HAVE_PTHREAD_ATFORK)
    12421257  if (pthread_once (&__once, do_atfork_setup) != 0)
    do_init (void) 
    13551370  __session.ls_state = LS_INITIALIZED;
    13561371
    13571372  debug ("<== do_init (initialized session)");
     1373  } /* if already initialized  but not connected */
     1374  else {
     1375    debug ("<== do_init (already initialized)");
     1376  }
    13581377
    13591378  return NSS_SUCCESS;
    13601379}
    do_open (void) 
    15751594        }
    15761595      else
    15771596        {
     1597          syslog(LOG_ERR, "nss-ldap: do_open: do_start_tls failed:stat=%d", stat);
    15781598          do_close ();
    15791599          debug ("<== do_open (TLS startup failed)");
    15801600          return stat;
Note: See TracBrowser for help on using the repository browser.