Project

General

Profile

Bug #4917

libshare_nfs: s_rootnames leaks

Added by Marcel Telka over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Low
Assignee:
Category:
lib - userland libraries
Start date:
2014-06-09
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage

Description

# LD_PRELOAD_32=/usr/lib/fs/nfs/libshare_nfs.so.1 UMEM_DEBUG=default dtrace -32 -w -n 'pid$target::main:return {raise(6)} pid$target::nfs_get_root_principal:entry{}' -c "share -o sec=dh,root=@10.0.0.1 /tmp" 
dtrace: description 'pid$target::main:return ' matched 3 probes
dtrace: allowing destructive actions
AUTOFS plugin not installed properly
dtrace: pid 5036 terminated by SIGABRT
CPU     ID                    FUNCTION:NAME
  0  64841     nfs_get_root_principal:entry 

# echo "::findleaks -d" | mdb core
CACHE     LEAKED   BUFCTL CALLER
08075c10       1 080edb08 libc.so.1`strdup+0x2e
------------------------------------------------------------------------
   Total       1 buffer, 24 bytes

umem_alloc_24 leak: 1 buffer, 24 bytes
            ADDR          BUFADDR        TIMESTAMP           THREAD
                            CACHE          LASTLOG         CONTENTS
         80edb08          80eaad0    12cece9bb7800                1
                          8075c10                0                0
                 libumem.so.1`umem_cache_alloc_debug+0x1fe
                 libumem.so.1`umem_cache_alloc+0x18f
                 libumem.so.1`umem_alloc+0x50
                 libumem.so.1`umem_malloc+0x36
                 libc.so.1`strdup+0x2e
                 libshare_nfs.so.1`nfs_get_root_principal+0x80
                 libshare_nfs.so.1`get_rootnames+0xc3
                 libshare_nfs.so.1`fill_security_from_secopts+0x19a
                 libshare_nfs.so.1`nfs_enable_share+0x323
                 libshare.so.1`sa_proto_share+0x24
                 libshare.so.1`sa_enable_share+0xa3
                 sa_legacy_share+0x5f3
                 run_command+0x4c
                 main+0x104
                 _start+0x83

#

The s_rootnames in struct secinfo is an allocated array of pointers to allocated strings. All of that is allocated in get_rootnames() and nfs_get_root_principal() respectively.

During the s_rootnames deallocation we free only the array, but not the particular strings.

History

#1

Updated by Marcel Telka over 5 years ago

  • Status changed from In Progress to Pending RTI
#2

Updated by Electric Monk over 5 years ago

  • Status changed from Pending RTI to Closed
  • % Done changed from 0 to 100

git commit 3253d86fb73285619825921040bf0262898cf3f8

commit  3253d86fb73285619825921040bf0262898cf3f8
Author: Marcel Telka <marcel.telka@nexenta.com>
Date:   2014-06-13T21:58:11.000Z

    4917 libshare_nfs: s_rootnames leaks
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Reviewed by: Serghei Samsi <sscdvp@gmail.com>
    Approved by: Robert Mustacchi <rm@joyent.com>

Also available in: Atom PDF