[Bug 2401] New: sshd copying options leaks memory
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed May 20 16:38:27 AEST 2015
https://bugzilla.mindrot.org/show_bug.cgi?id=2401
Bug ID: 2401
Summary: sshd copying options leaks memory
Product: Portable OpenSSH
Version: 6.8p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at redhat.com
Created attachment 2623
--> https://bugzilla.mindrot.org/attachment.cgi?id=2623&action=edit
proposed patch
To continue with my thematic reports about memory usage, valgrind
showed up some more memory problems around handling server options. And
after some basic understanding of what is going on around there, I came
to this upstream commit:
https://anongit.mindrot.org/openssh.git/commit/?id=d8478b6a9b32760d47c2419279c4a73f5f88fdb6
The core of problem is that when you read options from file, you
allocate memory for them and then you copy them to another options
structure using xstrdup, which leaves behind two copies abandoned. One
is still left in old array (never freed) and the other is overwritten
by a copy you are assigning to the target array.
Proposing patch that handles memory proper way:
1) In first cycle go through the target array and free all strings
2) In second cycle move values from first array to the other
It requires one more variable to operate (chosen classic i).
Fortunately, the macro can't be used anywhere else so we can depend on
local variable.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list