Bug 15169 - GETPWSID in memory cache grows indefinetly with each NTLM auth
Summary: GETPWSID in memory cache grows indefinetly with each NTLM auth
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind (show other bugs)
Version: 4.17.0rc5
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-09-12 14:37 UTC by Andreas Schneider
Modified: 2022-12-15 16:34 UTC (History)
1 user (show)

See Also:

Attachments
git-am fix for 4.17.next, 4.16.next. (3.78 KB, patch)
2022-09-16 22:16 UTC, Jeremy Allison 		asn: review+
Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Schneider 2022-09-12 14:37:59 UTC 
GETPWSID in memory cache grows indefinetly with each NTLM auth.

==22502== 10,440,304 bytes in 21,049 blocks are still reachable in loss record 1,074 of 1,075
==22502==    at 0x4C29F73: malloc (vg_replace_malloc.c:309)
==22502==    by 0x11D6F55B: _talloc_zero (in /usr/lib64/libtalloc.so.2.1.16)
==22502==    by 0x6A1B0F1: samu_new (in /usr/lib64/libsamba-passdb.so.0.27.2)
==22502==    by 0x6A28AA3: pdb_getsampwnam (in /usr/lib64/libsamba-passdb.so.0.27.2)
==22502==    by 0x65D0BC4: check_sam_security (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x65C70F0: ??? (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x65C781A: auth_check_ntlm_password (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x14E464: ??? (in /usr/sbin/winbindd)
==22502==    by 0x151CED: winbind_dual_SamLogon (in /usr/sbin/winbindd)
==22502==    by 0x152072: winbindd_dual_pam_auth_crap (in /usr/sbin/winbindd)
==22502==    by 0x167DE0: ??? (in /usr/sbin/winbindd)
==22502==    by 0x12F29B12: tevent_common_invoke_fd_handler (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F30086: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2E056: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2925C: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x16A243: ??? (in /usr/sbin/winbindd)
==22502==    by 0x16AA04: ??? (in /usr/sbin/winbindd)
==22502==    by 0x12F29F68: tevent_common_invoke_immediate_handler (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F29F8F: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2FE3C: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2E056: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2925C: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F4C7: main (in /usr/sbin/winbindd)

[..]

==22502== 
==22502== 22,747,002 bytes in 21,049 blocks are possibly lost in loss record 1,075 of 1,075
==22502==    at 0x4C29F73: malloc (vg_replace_malloc.c:309)
==22502==    by 0x11D7089C: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.16)
==22502==    by 0x9027834: tcopy_passwd (in /usr/lib64/libsmbconf.so.0)
==22502==    by 0x6A1E1A3: pdb_copy_sam_account (in /usr/lib64/libsamba-passdb.so.0.27.2)
==22502==    by 0x6A28AB7: pdb_getsampwnam (in /usr/lib64/libsamba-passdb.so.0.27.2)
==22502==    by 0x65D0BC4: check_sam_security (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x65C70F0: ??? (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x65C781A: auth_check_ntlm_password (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x14E464: ??? (in /usr/sbin/winbindd)
==22502==    by 0x151CED: winbind_dual_SamLogon (in /usr/sbin/winbindd)
==22502==    by 0x152072: winbindd_dual_pam_auth_crap (in /usr/sbin/winbindd)
==22502==    by 0x167DE0: ??? (in /usr/sbin/winbindd)
==22502==    by 0x12F29B12: tevent_common_invoke_fd_handler (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F30086: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2E056: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2925C: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x16A243: ??? (in /usr/sbin/winbindd)
==22502==    by 0x16AA04: ??? (in /usr/sbin/winbindd)
==22502==    by 0x12F29F68: tevent_common_invoke_immediate_handler (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F29F8F: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2FE3C: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2E056: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2925C: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F4C7: main (in /usr/sbin/winbindd)


pdb_getsampwnam() -> memcache_add_talloc(NULL, PDB_GETPWSID_CACHE, ...)
Comment 1 Andreas Schneider 2022-09-12 14:38:11 UTC 
Working on a fix ...
Comment 2 Samba QA Contact 2022-09-16 20:31:11 UTC 
This bug was referenced in samba master:

9ef2f7345f0d387567fca598cc7008af95598903
Comment 3 Jeremy Allison 2022-09-16 22:16:07 UTC 
Created attachment 17522 [details]
git-am fix for 4.17.next, 4.16.next.

Cherry-picked from master.
Comment 4 Andreas Schneider 2022-10-07 06:32:32 UTC 
Jule, please apply the patch to the relevant branches. Thanks and also to Jeremy for the patch.
Comment 5 Jule Anger 2022-10-07 08:45:54 UTC 
Pushed to autobuild-v4-{17,16}-test.
Comment 6 Samba QA Contact 2022-10-07 09:57:16 UTC 
This bug was referenced in samba v4-16-test:

7c2697e9c84ad94001d0b6aa73c6bb91a079ef78
Comment 7 Samba QA Contact 2022-10-07 10:00:12 UTC 
This bug was referenced in samba v4-17-test:

df5d4e4830795e69826af980b570c225af592822
Comment 8 Jule Anger 2022-10-07 13:09:52 UTC 
Closing out bug report.

Thanks!
Comment 9 Samba QA Contact 2022-10-19 12:25:05 UTC 
This bug was referenced in samba v4-17-stable (Release samba-4.17.1):

df5d4e4830795e69826af980b570c225af592822
Comment 10 Samba QA Contact 2022-12-15 16:34:20 UTC 
This bug was referenced in samba v4-16-stable (Release samba-4.16.8):

7c2697e9c84ad94001d0b6aa73c6bb91a079ef78