Bug 10396 - Memory leak in ntlm_auth
Summary: Memory leak in ntlm_auth
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.4
Classification: Unclassified
Component: Ntlm_auth Tool
Version: 3.4.17
Hardware: All All
Importance: P5 normal
Target Milestone: ---
Assignee: Kai Blin
QA Contact: Samba QA Contact
Reported: 2014-01-22 14:57 UTC by Victor Fernandez Martinez
Modified: 2017-01-03 06:58 UTC

Attachments
Proposed fix for the memory leak (2.67 KB, patch)
2014-01-22 14:58 UTC, Victor Fernandez Martinez

Description Victor Fernandez Martinez 2014-01-22 14:57:22 UTC
I have found two memory leaks in the ntlm_auth tool in Samba 3.4.17 when using the squid-2.5-ntlmssp helper protocol. In a server running Squid using ntlm_auth, the memory usage of the ntlm_auth worker processes increases and it is quite noticeable after a few days. This memory is actually released by ntlm_auth when it finishes but until then, it is kept allocated forever while being unused, thus causing the process to grow and grow until it eventually becomes too big.

In order to detect the memory leaks, I first called talloc_enable_leak_report_full() at the start of the main() in source3/utils/ntlm_auth.c. Then, right after ntlmssp_end() is called, I call talloc_report_full() passing a pointer to a FILE* I opened, so a report is generated on each authentication attempt and saved to a file. This way I could notice that ntlm_auth allocates the following chunks:

full talloc report on 'null_context' (total  24522 bytes in 2171 blocks)
    DATA_BLOB: lib/util_str.c:1858 contains     57 bytes in   1 blocks (ref 0) 0xf7bbeea0
    DATA_BLOB: utils/ntlm_auth.c:861 contains     16 bytes in   1 blocks (ref 0) 0xf7b97478
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbed90
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbe4f8
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbe4b0
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbdea0
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbe2f0
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbdd10
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbe5d8
    DATA_BLOB: utils/ntlm_auth.c:543 contains     16 bytes in   1 blocks (ref 0) 0xf7bbe590
    [... repeated thousands of times ...]

    ntlm_auth                      contains    119 bytes in   4 blocks (ref 0) 0xf7b944a8
        YR TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw== contains     61 bytes in   1 blocks (ref 0) 0xf7bbee28
        struct ntlm_auth_state         contains     48 bytes in   1 blocks (ref 0) 0xf7b945a0
        .name                          contains     10 bytes in   1 blocks (ref 0) 0xf7b94560
    autofree_context               contains    164 bytes in   6 blocks (ref 0) 0xf7b30698
        char *                         contains     79 bytes in   2 blocks (ref 0) 0xf7b31a58
            char                           contains     11 bytes in   1 blocks (ref 0) 0xf7b31ad0
        char *                         contains     77 bytes in   2 blocks (ref 0) 0xf7b312c8
            char                           contains      9 bytes in   1 blocks (ref 0) 0xf7b31380
        zngfw02                        contains      8 bytes in   1 blocks (ref 0) 0xf7b30ef8
    TALLOC_CTX *                   contains  10086 bytes in 1278 blocks (ref 0) 0xf7b305c8
        talloc_new: ../lib/util/talloc_stack.c:91 contains  10078 bytes in 1277 blocks (ref 0) 0xf7b30548
            DATA_BLOB: lib/util_sock.c:1890 contains      8 bytes in   1 blocks (ref 0) 0xf7bbece0
            DATA_BLOB: lib/util_sock.c:1890 contains      8 bytes in   1 blocks (ref 0) 0xf7bbeca0
            DATA_BLOB: lib/util_sock.c:1890 contains      8 bytes in   1 blocks (ref 0) 0xf7bbe8d8
            DATA_BLOB: lib/util_sock.c:1890 contains      8 bytes in   1 blocks (ref 0) 0xf7bbeae0
            [... repeated thousands of times ...]

The proposed attachment includes a fix for both memory leaks (the one in utils/ntlm_auth.c:543 and the one in lib/util_sock.c:1890).
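
Added example, not part of the original report or of Samba: a small Python triage script for the talloc_report_full() output shown in the description. It counts leaf chunks per allocation site (the file:line at the end of the chunk name) so that sites which keep accumulating chunks stand out; SAMPLE is a shortened excerpt of that report and the function names are this example's own.

```python
import re
from collections import Counter

# Shortened excerpt of the talloc_report_full() output quoted in the description.
SAMPLE = """\
full talloc report on 'null_context' (total  24522 bytes in 2171 blocks)
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbed90
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbe4f8
    DATA_BLOB: utils/ntlm_auth.c:549 contains     16 bytes in   1 blocks (ref 0) 0xf7bbe4b0
    DATA_BLOB: utils/ntlm_auth.c:543 contains     16 bytes in   1 blocks (ref 0) 0xf7bbe590
    TALLOC_CTX *                   contains  10086 bytes in 1278 blocks (ref 0) 0xf7b305c8
        talloc_new: ../lib/util/talloc_stack.c:91 contains  10078 bytes in 1277 blocks (ref 0) 0xf7b30548
            DATA_BLOB: lib/util_sock.c:1890 contains      8 bytes in   1 blocks (ref 0) 0xf7bbece0
            DATA_BLOB: lib/util_sock.c:1890 contains      8 bytes in   1 blocks (ref 0) 0xf7bbeca0
"""

ENTRY = re.compile(
    r"^(\s*)(.+?)\s+contains\s+(\d+) bytes in\s+\d+ blocks \(ref \d+\) 0x[0-9a-fA-F]+\s*$"
)
SITE = re.compile(r"[\w./-]+\.c:\d+$")  # chunk names that end in an allocation site


def parse(report):
    """Return (depth, name, bytes) per chunk line; headers and elisions are skipped."""
    out = []
    for line in report.splitlines():
        m = ENTRY.match(line)
        if m:
            out.append((len(m.group(1)), m.group(2), int(m.group(3))))
    return out


def leak_suspects(report, min_count=2):
    """Group leaf chunks by allocation site; sites seen repeatedly are suspects."""
    entries = parse(report)
    count, size = Counter(), Counter()
    for i, (depth, name, nbytes) in enumerate(entries):
        is_leaf = i + 1 == len(entries) or entries[i + 1][0] <= depth
        # Parent sizes already include their children, so only leaves are summed.
        m = SITE.search(name)
        if is_leaf and m:
            count[m.group(0)] += 1
            size[m.group(0)] += nbytes
    return [(s, n, size[s]) for s, n in count.most_common() if n >= min_count]


if __name__ == "__main__":
    for site, n, total in leak_suspects(SAMPLE):
        print(f"{site:28} {n:6} chunks {total:8} bytes")
```

Running it on reports saved after successive authentication attempts and comparing the per-site counts shows which sites grow with each request.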
Comment 1 Victor Fernandez Martinez 2014-01-22 14:58:35 UTC
Created attachment 9609
Proposed fix for the memory leak
Comment 2 Andrew Bartlett 2017-01-03 06:58:13 UTC
This appears to be fixed in current master, and probably also Samba 4.5 at least, with similar patches apparently already included.

Thanks!