[Bug 3508] New: Memory leak in auth-pam

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Dec 9 05:47:41 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3508

            Bug ID: 3508
           Summary: Memory leak in auth-pam
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: PAM support
          Assignee: unassigned-bugs at mindrot.org
          Reporter: miazgapow at gmail.com

In auth-pam.c, in sshpam_init, where the SSH_CONNECTION environment
variable is being set, xasprintf is used. It allocates memory for the
formatted string and returns it via the global sshpam_conninfo, which
is later passed to pam_putenv, which copies the string. So memory under
sshpam_conninfo is never freed, and then a reference to it is lost on
another run of sshpam_init

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list