Bug 15712 - sdb_entry_free seems to have not fully released the requested resources
Summary: sdb_entry_free seems to have not fully released the requested resources
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB
Version: 4.19.8
Hardware: x64 Linux
Importance: P5 normal
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
Reported: 2024-09-10 09:05 UTC by ze yue
Modified: 2024-09-14 06:15 UTC

Attachments
the modifications I attempted to make (3.53 KB, text/plain)
2024-09-10 09:05 UTC, ze yue

Description ze yue 2024-09-10 09:05:49 UTC
Created attachment 18438
the modifications I attempted to make

Overview: 
 During the business processing of the kdc service, it seems that some resources sdb_entry_free have not been fully released in order to obtain the sdb entry constructed for the hdb entry.

Steps to Reproduce:
 1) Continuously perform kdc business service processing, such as kinit.
 2) Keep the kdc service running for a long time.

Actual Results: 
 The server resource memory is continuously occupied until 100%.

Expected Results: 
 Server memory resources should not be 100% available without business requests.


Other:

I found that the server memory keeps rising while using the built-in kdc service of samba. Based on this issue, I used the Valgrind tool, and the main information in the Valgrind report is as follows:

==16375== 56 bytes in 4 blocks are indirectly lost in loss record 33 of 420
==16375==    at 0x4C29F73: malloc (vg_replace_malloc.c:309)
==16375==    by 0xDA9754D: krb5_data_alloc (data.c:101)
==16375==    by 0xDA97615: krb5_data_copy (data.c:149)
==16375==    by 0xC9CD117: smb_krb5_copy_data_contents (krb5_samba.c:936)
==16375==    by 0xA87E4C3: samba_kdc_fill_user_keys (db-glue.c:514)
==16375==    by 0xA87F03C: samba_kdc_message2entry_keys (db-glue.c:842)
==16375==    by 0xA88035C: samba_kdc_message2entry (db-glue.c:1594)
==16375==    by 0xA881ED0: samba_kdc_fetch_krbtgt (db-glue.c:2466)
==16375==    by 0xA882EF3: samba_kdc_fetch (db-glue.c:2964)
==16375==    by 0x20F41929: hdb_samba4_fetch_kvno (hdb-samba4.c:153)
==16375==    by 0x2116D9D1: fetch_it (common.c:1661)
==16375==    by 0x2116DCB1: hdb_fetch_kvno (common.c:1785)

The above is a brief message. After my investigation, I have some doubts about these locations. Has there been a memory leak?
1. entry->max_life = malloc(sizeof(*entry->max_life)); [source4/kdc/db-glue.c:1396]
2. entry->max_renew = malloc(sizeof(*entry->max_renew)); [source4/kdc/db-glue.c:1416]
3. ret = sdb_entry_set_etypes(entry); [source4/kdc/db-glue.c:1638]
4. ret = sdb_entry_set_session_etypes(entry, add_aes256, add_aes128, add_rc4); [source4/kdc/db-glue.c:1650]
5. entry->keys.len = 1; [source4/kdc/db-glue.c:1687]

I hope you can give me a reply when you have time. As a student, I am deeply puzzled.
The attachment is the modification I made when I discovered the problem.

Thank you very much,

Best regards,
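
As an added illustration (not part of the original report and not Samba code), the C example below shows how a free routine for an entry with nested heap allocations can be checked by counting live blocks across a fill/free cycle. The types `demo_entry` and `demo_key`, the counting allocator and the sizes (4 keys of 14 bytes, chosen to mirror the "56 bytes in 4 blocks" record in the trace) are constructed assumptions.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-ins for illustration; not Samba's sdb structures. */
struct demo_key { void *data; };
struct demo_entry {
    unsigned int *max_life;   /* optional scalar, heap allocated */
    struct demo_key *keys;    /* array; every key owns its own buffer */
    size_t nkeys;
};
static long live_blocks;      /* allocations not yet released */
static void *t_alloc(size_t n) { void *p = calloc(1, n); if (p) live_blocks++; return p; }
static void t_free(void *p) { if (p) { live_blocks--; free(p); } }

/* Complete release: children first, then the containers pointing at them. */
void demo_entry_free(struct demo_entry *e)
{
    for (size_t i = 0; i < e->nkeys; i++) t_free(e->keys[i].data);
    t_free(e->keys);
    t_free(e->max_life);
    memset(e, 0, sizeof(*e));
}

/* Incomplete release: only the key array goes back to the allocator. */
void demo_entry_free_shallow(struct demo_entry *e)
{
    t_free(e->keys);
    memset(e, 0, sizeof(*e));
}

/* Build an entry with nkeys key buffers; 0 on success, -1 on failure. */
int demo_entry_fill(struct demo_entry *e, size_t nkeys, size_t keylen)
{
    memset(e, 0, sizeof(*e));
    e->max_life = t_alloc(sizeof(*e->max_life));
    e->keys = t_alloc(nkeys * sizeof(*e->keys));
    if (!e->max_life || !e->keys) { demo_entry_free(e); return -1; }
    for (; e->nkeys < nkeys; e->nkeys++) {
        e->keys[e->nkeys].data = t_alloc(keylen);
        if (!e->keys[e->nkeys].data) { demo_entry_free(e); return -1; }
    }
    return 0;
}

/* Blocks still allocated after one fill/free cycle of 4 keys x 14 bytes. */
long demo_leaked_blocks(int deep)
{
    struct demo_entry e;
    long before = live_blocks;
    if (demo_entry_fill(&e, 4, 14) != 0) return -1;
    if (deep) demo_entry_free(&e); else demo_entry_free_shallow(&e);
    return live_blocks - before;
}
```

If such an entry were dropped with no free call at all, Valgrind would report the `keys` array as definitely lost and each `data` buffer as indirectly lost, because the only pointers to the buffers are stored inside the lost array.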