#44: avoid leak in crypt() by moving to crypt_r()
---------------------+------------------------------
  Reporter:  todorb  |       Owner:  pam-developers@…
      Type:  defect  |      Status:  new
  Priority:  major   |   Component:  library
   Version:  1.1.x   |    Keywords:
Blocked By:          |    Blocking:
---------------------+------------------------------
we use pam_chauthtok() to change passwords from one long lived daemon. we discovered leaked heap chunks that contain password hashes. it turned out that the non-reentrant versions of hash algorithms called by crypt() allocate a heap buffer internally, that is not freed when the pam stack is unloaded and libcrypt is dlclosed.
i'm attaching a patch for switching to the reentrant version when it's available.
ps. for those interested in more details see for example http://osxr.org/glibc/source/crypt/sha512-crypt.c?v=glibc-2.17 . the chunk returned by realloc() on line 0429 is leaked on every call to pam_chauthtok().
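An added example, not the attached patch and not Linux-PAM code: the crypt_r() pattern the ticket asks for, where the caller owns the `struct crypt_data` that receives the hash, wipes it, and frees it before libcrypt is unloaded. The helper name `hash_password`, the constructed password and salt, and the run-time lookup of crypt_r() through dlopen() (mirroring the load/unload cycle described above) are assumptions.

```c
/* Build: cc example.c   (add -ldl on glibc older than 2.34) */
#define _GNU_SOURCE
#include <crypt.h>
#include <dlfcn.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef char *(*crypt_r_fn)(const char *, const char *, struct crypt_data *);

/* Hypothetical helper: hash `key` under `setting` into `out`.
 * Returns 0 on success, -1 if crypt_r() cannot be resolved, -2 otherwise. */
int hash_password(const char *key, const char *setting, char *out, size_t outlen)
{
    int rc = -2;
    /* Load libcrypt the way a dlopen()ed module stack would pull it in. */
    void *lib = dlopen("libcrypt.so.1", RTLD_NOW);
    if (!lib)
        lib = dlopen("libcrypt.so.2", RTLD_NOW);
    /* Fall back to the global scope for libcs that ship crypt_r() themselves. */
    crypt_r_fn fn = (crypt_r_fn)dlsym(lib ? lib : RTLD_DEFAULT, "crypt_r");

    /* All scratch state, including the resulting hash, lives in this
     * caller-owned buffer instead of a buffer allocated inside libcrypt. */
    struct crypt_data *cd = calloc(1, sizeof *cd);
    if (fn && cd) {
        char *h = fn(key, setting, cd);
        /* NULL or a "*"-prefixed token signals failure. */
        if (h && h[0] != '*' && strlen(h) < outlen) {
            strcpy(out, h);
            rc = 0;
        }
    }
    if (cd) {
        explicit_bzero(cd, sizeof *cd);  /* wipe hash material before release */
        free(cd);
    }
    if (lib)
        dlclose(lib);  /* the result buffer was ours and is already gone */
    return fn ? rc : -1;
}

int main(void)
{
    char hash[128];
    /* Constructed sample input: password and SHA-512 salt are made up. */
    int rc = hash_password("constructed-password", "$6$constructedsalt$", hash, sizeof hash);
    printf("rc=%d hash_len=%zu\n", rc, rc == 0 ? strlen(hash) : (size_t)0);
    explicit_bzero(hash, sizeof hash);
    return rc == 0 ? 0 : 1;
}
```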
#44: avoid leak in crypt() by moving to crypt_r()
-------------------+-------------------------------
  Reporter:  todorb  |       Owner:  pam-developers@…
      Type:  defect  |      Status:  closed
  Priority:  major   |   Component:  library
   Version:  1.1.x   |  Resolution:  fixed
  Keywords:          |  Blocked By:
  Blocking:          |
-------------------+-------------------------------
Changes (by tmraz):

 * resolution:  => fixed
 * status:  new => closed
Comment:
Note that you are using an old Linux-PAM release. I applied a somewhat modified patch to the GIT repository.
pam-developers@lists.fedorahosted.org