Potential memory leak in sshd [detected by melton]
Zhenbo Xu
zhenbo1987 at gmail.com
Mon Feb 6 13:03:17 EST 2012
2012/2/6 Ángel González <keisial at gmail.com>
> On 04/02/12 02:55, Zhenbo Xu wrote:
>
> The url below is the index of bug reports that are checked as real
> bugs manually.
> http://lcs.ios.ac.cn/~xuzb/bugsfound/memleak/openssh-5.9p1/realbugs/sshd/index.html
>
>
> Shall we fix these bugs? Or just let them go since they are not so serious?
>
> Hope for your replies!
>
> The 8th report is another false positive
> Logic error Memory leak auth2.i 11503 6 View<http://lcs.ios.ac.cn/%7Exuzb/bugsfound/memleak/openssh-5.9p1/realbugs/sshd/report-ABKOwr.html#EndPath>
> http://lcs.ios.ac.cn/~xuzb/bugsfound/memleak/openssh-5.9p1/realbugs/sshd/report-ABKOwr.html#EndPath
>
> fakepw() returns a static variable.
>
> Shall we free authctxt->pw before this assignment authctxt->pw =
fakepw();,
Since authctxt->pw gets a heap space at 11496. (authctxt->pw =
(use_privsep ? mm_getpwnamallow(user) :
getpwnamallow(user)<http://lcs.ios.ac.cn/~xuzb/bugsfound/memleak/openssh-5.9p1/realbugs/sshd/linked_files/linked-oH0nvi.html#Path7_2>
);)
--
Zhenbo Xu
More information about the openssh-unix-dev
mailing list