Bug 2043 - memleak in import_environments
Summary: memleak in import_environments
Status: CLOSED WONTFIX
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 6.1p1
Hardware: All All
: P5 trivial
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-09-25 03:14 AEST by Arthur Mesh
Modified: 2021-03-04 09:54 AEDT (History)
1 user (show)

See Also:

Attachments
fix (220 bytes, patch)
2012-09-25 03:14 AEST, Arthur Mesh 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Arthur Mesh 2012-09-25 03:14:55 AEST 
Created attachment 2189 [details]
fix

Potential fix attached.
Comment 1 Damien Miller 2020-06-26 16:08:11 AEST 
Unfortunately, it's not possible to safely free this here as pam_putenv() is underspecified: it is not guaranteed to either copy the environment it is setting or take over ownership of it. The safest behaviour here is just to accept the one-time leak :(

I have added a comment to explain this in auth-pam.c
Comment 2 Damien Miller 2021-03-04 09:54:42 AEDT 
close bugs that were resolved in OpenSSH 8.5 release cycle