Bug 17084

Compile ang run program below
and all your memory will eaten very quckly
each itteration "eats" about 1.5k memory
---
I have dip a bit into problem and found that memory leaks in
cgetent() called from login_getclassbyname()

Fix: 

don't know
How-To-Repeat: #include <stdio.h>
#include <sys/types.h>
#include <login_cap.h>
#include <pwd.h>


main()
{

  struct passwd *ent;
  int uid;
  
  ent = getpwnam("nobody"); 
  while(1) {
    login_cap_t *lc;
    uid = ent->pw_uid;
    if ( (lc = login_getclassbyname("root", ent)) == NULL )
                perror("login_getclassbyname: ");
    login_close(lc);      
  }
}

On Tue, Feb 29, 2000 at 03:20:14PM -0800, vova@express.ru wrote:
> 
> Compile ang run program below
> and all your memory will eaten very quckly
> each itteration "eats" about 1.5k memory
> ---
> I have dip a bit into problem and found that memory leaks in
> cgetent() called from login_getclassbyname()
> >How-To-Repeat:
> #include <stdio.h>
> #include <sys/types.h>
> #include <login_cap.h>
> #include <pwd.h>
> 
> 
> main()
> {
> 
>   struct passwd *ent;
>   int uid;
>   
>   ent = getpwnam("nobody"); 
>   while(1) {
>     login_cap_t *lc;
>     uid = ent->pw_uid;
>     if ( (lc = login_getclassbyname("root", ent)) == NULL )
>                 perror("login_getclassbyname: ");
>     login_close(lc);      
>   }
> }
> 
Your code sucks :-)

You should be calling login_close() before each subsequent call of
function returning login_cap_t object, i.e. login_getclassbyname(),
login_getclass(), login_getpwclass() and login_getuserclass().

: The login_cap interface provides a convenient means of retrieving login
: class records with all tc= references expanded.  A program will typically
: call one of login_getclass(), login_getpwclass(), login_getuserclass() or
: login_getclassbyname() according to its requirements.  Each of these
: functions returns a login capabilities structure, login_cap_t which may
: subsequently be used to interrogate the database for specific values us-
: ing the rest of the API.  Once the login_cap_t is of no further use, the
: login_close() function should be called to free all resources used.


Cheers,
-- 
Ruslan Ermilov		Sysadmin and DBA of the
ru@ucb.crimea.ua	United Commercial Bank,
ru@FreeBSD.org		FreeBSD committer,
+380.652.247.647	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

>
>I have dip a bit into problem and found that memory leaks in
>cgetent() called from login_getclassbyname()

Will you please tell me if the following patch solves the problem.

This patch solves what appear to be two memory leaks.  There may be
more memory leaks and which ones you run into may depend on your
system's specific login.conf configuration.

I can send you copies of the post-patched files to compile with your
program if you'll find that easier.

Please be sure to Cc: freebsd-gnats-submit@FreeBSD.org and don't change
the Subject: line in your reply.

Thanks.

--- src/lib/libutil/~login_cap.c	Tue May 16 11:26:03 2000
+++ src/lib/libutil/login_cap.c	Tue May 16 11:26:19 2000
@@ -150,10 +150,11 @@ void
 login_close(login_cap_t * lc)
 {
     if (lc) {
 	free(lc->lc_style);
 	free(lc->lc_class);
+	free(lc->lc_cap);
 	free(lc);
 	if (--lc_object_count == 0) {
 	    free(internal_string);
 	    free(internal_array);
 	    internal_array = NULL;
--- src/lib/libc/gen/~getcap.c	Tue May 16 11:25:16 2000
+++ src/lib/libc/gen/getcap.c	Tue May 16 11:39:29 2000
@@ -380,12 +380,14 @@ getent(cap, len, db_array, fd, name, dep
 	}
 		if (foundit)
 			break;
 	}
 
-	if (!foundit)
+	if (!foundit) {
+		free(record);
 		return (-1);
+	}
 
 	/*
 	 * Got the capability record, but now we have to expand all tc=name
 	 * references in it ...
 	 */

Comment 4 hoek 2000-05-21 03:55:16 UTC

State Changed
From-To: open->closed

Fixed, found one leak in getcap and one leak in login_getclass.  Thanks!