bugzilla-daemon at mindrot.org
2024-Aug-16 12:25 UTC
[Bug 3718] New: Small memory leak (+patch) in process_server_config_line_depth
https://bugzilla.mindrot.org/show_bug.cgi?id=3718
Bug ID: 3718
Summary: Small memory leak (+patch) in
process_server_config_line_depth
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: alarrosa at suse.com
Created attachment 3831
--> https://bugzilla.mindrot.org/attachment.cgi?id=3831&action=edit
Patch that fixes the memory leak
While running sshd under valgrind I noticed a small memory leak.
The return value of argv_assemble is owned by the caller and should be
free'd. When processing the sSubsystem case there are two calls to
argv_assemble but only one of them is freed. The attached patch adds
the missing free to fix this small (29 bytes according to valgrind)
memory leak.
The output from valgrind:
> ==115369== 29 bytes in 1 blocks are definitely lost in loss record 573 of
913
> ==115369== at 0x4845794: malloc (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==115369== by 0x124A22: argv_assemble (misc.c:2165)
> ==115369== by 0x1385E5: process_server_config_line_depth.constprop.0
(servconf.c:2004)
> ==115369== by 0x13984D: parse_server_config_depth.constprop.0
(servconf.c:3032)
> ==115369== by 0x139986: parse_server_config.constprop.0
(servconf.c:3049)
> ==115369== by 0x111C6E: main (sshd.c:1445)
Btw, I submitted this also as a PR in github some days ago (see
https://github.com/openssh/openssh-portable/pull/515 ) but since it
doesn't seem to be very active, I decided to also submit it here.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2024-Aug-19 01:45 UTC
[Bug 3718] Small memory leak (+patch) in process_server_config_line_depth
https://bugzilla.mindrot.org/show_bug.cgi?id=3718
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
CC| |djm at mindrot.org
Status|NEW |RESOLVED
Blocks| |3708
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Fixed:
commit 127a50f2c80572ed1a021feb11ecf941e92cbbef
Author: djm at openbsd.org <djm at openbsd.org>
Date: Sat Aug 17 08:23:04 2024 +0000
upstream: fix minor memory leak in Subsystem option parsing; from
Antonio Larrosa via GHPR515
OpenBSD-Commit-ID: fff3bbefd1b2c45c98cbe45c6b857b15d8a2d364
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3708
[Bug 3708] Tracking bug for OpenSSH 9.9
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
Possibly Parallel Threads
- [Bug 3667] New: Trailing space is added when parsing Subsystem in sshd_config
- [PATCH v3 2/2] Permit %L and %l percent escapes in sshd Include
- [PATCH RESEND 2/2] Permit %L and %l percent escapes in server Include
- [Bug 3657] New: AuthenticationMethods any apparently not possible after previous non-any assignment
- [PATCH v3 1/2] Permit %L and %l percent escapes in ssh Include