From 056acfee29b0d39f85b4d8ccae0d32212dffba88 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Wed, 12 Feb 2025 15:55:52 +0100 Subject: [PATCH] Resolves: RHEL-78253 - 'sssd_kcm' leaks memory [rhel-9] --- 0003-KCM-another-memory-leak-fixed.patch | 59 ++++++++++++++++++++++++ sssd.spec | 6 ++- 2 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 0003-KCM-another-memory-leak-fixed.patch diff --git a/0003-KCM-another-memory-leak-fixed.patch b/0003-KCM-another-memory-leak-fixed.patch new file mode 100644 index 0000000..922fbdc --- /dev/null +++ b/0003-KCM-another-memory-leak-fixed.patch @@ -0,0 +1,59 @@ +From e7c76df8c0fa4a361c433684553ba1384166a564 Mon Sep 17 00:00:00 2001 +From: Alexey Tikhonov +Date: Wed, 12 Feb 2025 11:30:22 +0100 +Subject: [PATCH] KCM: another memory leak fixed +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +``` +... + talloc_new: src/responder/kcm/kcmsrv_ccache.c:405 contains 0 bytes in 1 blocks (ref 0) 0x563feaabc0a0 + talloc_new: src/responder/kcm/kcmsrv_ccache.c:405 contains 0 bytes in 1 blocks (ref 0) 0x563feaa84f90 + talloc_new: src/responder/kcm/kcmsrv_ccache.c:405 contains 0 bytes in 1 blocks (ref 0) 0x563feaabf520 +... +``` + +Reviewed-by: Alejandro López +(cherry picked from commit 9e72bc242b600158d7920b2b98644efa42fd1ffa) +--- + src/responder/kcm/kcmsrv_ccache.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/responder/kcm/kcmsrv_ccache.c b/src/responder/kcm/kcmsrv_ccache.c +index 6e4ea64e0..4f4f8b46a 100644 +--- a/src/responder/kcm/kcmsrv_ccache.c ++++ b/src/responder/kcm/kcmsrv_ccache.c +@@ -404,7 +404,7 @@ krb5_creds **kcm_cc_unmarshal(TALLOC_CTX *mem_ctx, + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { +- goto done; ++ goto fail; + } + + for (cred = kcm_cc_get_cred(cc); cred != NULL; cred = kcm_cc_next_cred(cred)) { +@@ -417,7 +417,7 @@ krb5_creds **kcm_cc_unmarshal(TALLOC_CTX *mem_ctx, + cred_list[i] = kcm_cred_to_krb5(krb_context, cred); + if (cred_list[i] == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to convert kcm cred to krb5\n"); +- goto done; ++ goto fail; + } + } + +@@ -426,8 +426,10 @@ krb5_creds **kcm_cc_unmarshal(TALLOC_CTX *mem_ctx, + + talloc_steal(mem_ctx, cred_list); + ++ talloc_free(tmp_ctx); + return cred_list; +-done: ++ ++fail: + talloc_free(tmp_ctx); + return NULL; + #endif +-- +2.47.0 + diff --git a/sssd.spec b/sssd.spec index d59772a..98d12e0 100644 --- a/sssd.spec +++ b/sssd.spec @@ -27,7 +27,7 @@ Name: sssd Version: 2.9.6 -Release: 3%{?dist} +Release: 4%{?dist} Summary: System Security Services Daemon License: GPLv3+ URL: https://github.com/SSSD/sssd/ @@ -36,6 +36,7 @@ Source0: https://github.com/SSSD/sssd/releases/download/%{version}/sssd-%{versio ### Patches ### Patch0001: 0001-SYSDB-Use-SYSDB_NAME-from-cached-entry-when-updating.patch Patch0002: 0002-KCM-fix-memory-leak.patch +Patch0003: 0003-KCM-another-memory-leak-fixed.patch ### Dependencies ### @@ -1085,6 +1086,9 @@ fi %systemd_postun_with_restart sssd.service %changelog +* Wed Feb 12 2025 Alexey Tikhonov - 2.9.6-4 +- Resolves: RHEL-78253 - 'sssd_kcm' leaks memory [rhel-9] + * Mon Feb 10 2025 Alexey Tikhonov - 2.9.6-3 - Resolves: RHEL-78253 - 'sssd_kcm' leaks memory [rhel-9]