Resolves: RHEL-78253 - 'sssd_kcm' leaks memory [rhel-9]

2025-02-12 15:55:52 +01:00 · 2025-02-12 15:55:52 +01:00 · 056acfee29
commit 056acfee29
parent dd838f8d31
2 changed files with 64 additions and 1 deletions
--- a/0003-KCM-another-memory-leak-fixed.patch
+++ b/0003-KCM-another-memory-leak-fixed.patch
@ -0,0 +1,59 @@
+From e7c76df8c0fa4a361c433684553ba1384166a564 Mon Sep 17 00:00:00 2001
+From: Alexey Tikhonov <atikhono@redhat.com>
+Date: Wed, 12 Feb 2025 11:30:22 +0100
+Subject: [PATCH] KCM: another memory leak fixed
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+```
+...
+    talloc_new: src/responder/kcm/kcmsrv_ccache.c:405 contains      0 bytes in   1 blocks (ref 0) 0x563feaabc0a0
+    talloc_new: src/responder/kcm/kcmsrv_ccache.c:405 contains      0 bytes in   1 blocks (ref 0) 0x563feaa84f90
+    talloc_new: src/responder/kcm/kcmsrv_ccache.c:405 contains      0 bytes in   1 blocks (ref 0) 0x563feaabf520
+...
+```
+
+Reviewed-by: Alejandro López <allopez@redhat.com>
+(cherry picked from commit 9e72bc242b600158d7920b2b98644efa42fd1ffa)
+---
+ src/responder/kcm/kcmsrv_ccache.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/src/responder/kcm/kcmsrv_ccache.c b/src/responder/kcm/kcmsrv_ccache.c
+index 6e4ea64e0..4f4f8b46a 100644
+--- a/src/responder/kcm/kcmsrv_ccache.c
+++ b/src/responder/kcm/kcmsrv_ccache.c
+@@ -404,7 +404,7 @@ krb5_creds **kcm_cc_unmarshal(TALLOC_CTX *mem_ctx,
+ 
+     tmp_ctx = talloc_new(NULL);
+     if (tmp_ctx == NULL) {
+-        goto done;
+        goto fail;
+     }
+ 
+     for (cred = kcm_cc_get_cred(cc); cred != NULL; cred = kcm_cc_next_cred(cred)) {
+@@ -417,7 +417,7 @@ krb5_creds **kcm_cc_unmarshal(TALLOC_CTX *mem_ctx,
+         cred_list[i] = kcm_cred_to_krb5(krb_context, cred);
+         if (cred_list[i] == NULL) {
+             DEBUG(SSSDBG_CRIT_FAILURE, "Failed to convert kcm cred to krb5\n");
+-            goto done;
+            goto fail;
+         }
+     }
+ 
+@@ -426,8 +426,10 @@ krb5_creds **kcm_cc_unmarshal(TALLOC_CTX *mem_ctx,
+ 
+     talloc_steal(mem_ctx, cred_list);
+ 
+    talloc_free(tmp_ctx);
+     return cred_list;
+-done:
+
+fail:
+     talloc_free(tmp_ctx);
+     return NULL;
+ #endif
+-- 
+2.47.0
+
--- a/sssd.spec
+++ b/sssd.spec
@ -27,7 +27,7 @@

 Name: sssd
 Version: 2.9.6
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: System Security Services Daemon
 License: GPLv3+
 URL: https://github.com/SSSD/sssd/
@ -36,6 +36,7 @@ Source0: https://github.com/SSSD/sssd/releases/download/%{version}/sssd-%{versio
 ### Patches ###
 Patch0001: 0001-SYSDB-Use-SYSDB_NAME-from-cached-entry-when-updating.patch
 Patch0002: 0002-KCM-fix-memory-leak.patch
+Patch0003: 0003-KCM-another-memory-leak-fixed.patch

 ### Dependencies ###

@ -1085,6 +1086,9 @@ fi
 %systemd_postun_with_restart sssd.service

 %changelog
+* Wed Feb 12 2025 Alexey Tikhonov <atikhono@redhat.com> - 2.9.6-4
+- Resolves: RHEL-78253 - 'sssd_kcm' leaks memory [rhel-9]
+
 * Mon Feb 10 2025 Alexey Tikhonov <atikhono@redhat.com> - 2.9.6-3
 - Resolves: RHEL-78253 - 'sssd_kcm' leaks memory [rhel-9]