[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Memory leaks in PAM



Bart Whiteley wrote:
> I started with misc_conv.c, and created a conversation function
> that has the password as it's appdata_ptr.  The program works,
> but leaks memory.

> There are two places in this sample code where memory is dynamically
> allocated, and not freed (at least not by me).  The first is in
> authenticate() where pPasswd is created with strdup() and then
> given as the second argument of the pam_conv (thus allowing it to
> be passed to the conversation function as appdata_ptr).  I've tried
> to free this after calling pam_end.  You can see that I free pUserName
> in this manner.  If I try to free pPasswd also, the program segfaults.

This is expected. The module that interprets the password will do the
free(), and when you see the segfault you are causing the free to happen
twice.

> The other dynamic allocation is in MY_PAM_conv where
>   struct pam_response* reply
> is allocated with calloc().  This also is never freed unless an
> error is encountered in the conversation function.  This cannot
> be freed within the conversation function, because **response is
> assigned it's memory (this is how the password, among other things
> is passed back to PAM).

Yes, this too should be free()d by the module.

What does your /etc/pam.d/kdm file look like? What version of PAM are
you running?

> Is there any way this sample code could be changed so that it
> does not leak memory?  Or, are the problems within PAM itself?

A while back there was a memory leak in libdl that manifested itself
like this - to my knowledge it was fixed. But if you say what your
current PAM config is, I'd like to help resolve this.

Cheers

Andrew





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []