Bug 2952

Summary: GSSAPI doesn't cleanup methoddata (leaks some memory).
Product: Portable OpenSSH Reporter: Markus <markus>
Component: Kerberos supportAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: minor CC: djm, dtucker, markus
Priority: P5    
Version: 7.9p1   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 2915    
Attachments:
Description Flags
patch to fix memory leak and side issues.
none
Fixed patch for v7.9 after opacket removal none

Description Markus 2019-01-08 21:35:23 AEDT 
userauth_gssapi allocates a bit of memory for the authctxt->methoddata pointer but doesn't clean up.

Side issue: userauth_gssapi is also using two function-static variables.  One of these leaks.  The other one makes prevents reusability (e.g. porting to OO languages) because there is no way to reset it.  They should be moved to authctxt.
Comment 1 Markus 2019-01-08 21:39:43 AEDT 
Another side issue: some gssapi-userauth related functions could be made static and there is a function prototype (input_gssapi_hash) that is no longer used.
Comment 2 Markus 2019-01-08 21:42:39 AEDT 
Created attachment 3221 [details]
patch to fix memory leak and side issues.
Comment 3 Markus 2019-02-05 21:32:02 AEDT 
The initial patch now breaks after other patches (old packet api) were applied to v7.9.

I'm attaching a new patch.  

It also slightly changes the pubkey_cleanup, adding it to the method table as a cleanup handler, rather than calling it explicitely.
Comment 4 Markus 2019-02-05 21:33:42 AEDT 
Created attachment 3234 [details]
Fixed patch for v7.9 after opacket removal


applies again to current v7.9 (portable)
Comment 5 Darren Tucker 2019-02-05 22:39:14 AEDT 
Put on list for 8.0
Comment 6 Damien Miller 2019-02-11 20:47:21 AEDT 
This has been committed and will be in the 8.0 release - thanks.
Comment 7 Damien Miller 2019-05-03 14:42:35 AEST 
Move resolved bugs -> CLOSED after 8.0 release