Potential memory leak in sshd [detected by melton]
Ángel González
keisial at gmail.com
Mon Feb 6 07:38:41 EST 2012
On 05/02/12 06:54, Zhenbo Xu wrote:
> What about this report
> http://lcs.ios.ac.cn/~xuzb/bugsfound/memleak/openssh-5.9p1/realbugs/sshd/report-uWzwb1.html#EndPath
> ?
> At the end of the function server_accept_loop, fdset leaks. It means each
> time the master sshd accepts a new connection, it creates a new space for
> fdset but does not free it. Or is it a false positive?

No. Before allocating the fdset (line 14156), it frees the previous one
if present (line 14155).

There's a small leak of the last one when it exits the infinite loop. It
should probably free fdset on line 14330.

It seems an odd way, doing the free() + calloc() on every iteration.
Seems easier to do

    if (fdset != NULL)
        bzero(fdset, ...);
    else
        fdset = xcalloc(...);

maxfd can be decreased in line 14236, but that doesn't require the
xfree() + xcalloc() pattern.
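
The reuse pattern discussed in the message above, as an added example that is not part of the original post and is not OpenSSH code. It goes one step beyond the sketch by remembering the allocated size, so the buffer is cleared in place when it is large enough, reallocated only when maxfd grows, and freed when the loop is left. The names fdset_buf, mask_word, FDSET_BYTES, fdset_prepare, fdset_release and demo_allocs are hypothetical, memset() stands in for bzero(), and the maxfd sequence is constructed.

```c
#include <stdlib.h>
#include <string.h>

typedef unsigned long mask_word;          /* assumption: stand-in for fd_mask */
/* Bytes needed for descriptors 0..m, rounded up to whole words. */
#define FDSET_BYTES(m) (((size_t)(m) / (8 * sizeof(mask_word)) + 1) * sizeof(mask_word))

struct fdset_buf {        /* hypothetical helper, not an OpenSSH type */
    mask_word *set;       /* bitmap that would be handed to select() */
    size_t bytes;         /* size of the current allocation */
    unsigned allocs;      /* allocation count, kept only for the demo */
};

/* Leave b->set zeroed and large enough for maxfd; allocate only on growth. */
static int fdset_prepare(struct fdset_buf *b, int maxfd)
{
    size_t need = maxfd < 0 ? 0 : FDSET_BYTES(maxfd);
    if (need == 0)
        return -1;                        /* invalid descriptor number */
    if (b->set != NULL && need <= b->bytes) {
        memset(b->set, 0, b->bytes);      /* reuse: clear in place */
        return 0;
    }
    free(b->set);                         /* first use, or buffer too small */
    if ((b->set = calloc(1, need)) == NULL)
        return -1;                        /* set is NULL, so no stale reuse */
    b->bytes = need;
    b->allocs++;
    return 0;
}

/* Call on every path that leaves the loop, so the last buffer is not leaked. */
static void fdset_release(struct fdset_buf *b)
{
    free(b->set);
    b->set = NULL;
}

/* Constructed maxfd sequence (grow, shrink, grow); returns allocations made. */
static unsigned demo_allocs(void)
{
    static const int maxfds[] = { 5, 7, 70, 12, 64, 200 };
    struct fdset_buf b = { NULL, 0, 0 };
    for (size_t i = 0; i < sizeof(maxfds) / sizeof(maxfds[0]); i++)
        if (fdset_prepare(&b, maxfds[i]) != 0)
            break;
    fdset_release(&b);
    return b.allocs;
}

int main(void) { return demo_allocs() == 3 ? 0 : 1; }
```

Six iterations of the constructed sequence cost three allocations instead of six, and a shrinking maxfd never triggers a reallocation.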