Hi -
> > This is with older-than-git-master libpcp, but as this problem occurs
> > during the pmNewContext, commit 63721a89 shouldn't be related.
> >
> > % valgrind pminfo -h 'pcp://localhost?pass=jsjs'
>
> Hmm, this is not reproducible here with current dev - I see all sorts of
> krb*, sasl*, and gss* valgrind warnings from error paths in those libs,
> but nothing that seems to originate from pcp so far.
I don't see how it could appear that way to you. In fact, the problem
shows up readily on old versions of PCP on RHEL5 through git pcp on
rawhide. And indeed it is a bug in pcp, corrected thusly on
pcpfans.git fche/sasl-crash :
commit 22d1cc0b662b34f19fcdb9e5ba5af4e9005dbc40
Author: Frank Ch. Eigler <fche@xxxxxxxxxx>
Date: Tue Feb 10 11:26:39 2015 -0500
qa/720 test for memory sasl-authentication double-free
Add an item to the 720 testsuite that actually tests a sasl
authentication, not just a pcp-URL's syntactic parseability. This
test can trigger the memory double-free corrected in commit 4670799bf,
and a memory leak within cyrus-sasl (suppressed, reported as
RHBZ1191183).
commit 4670799bf275679fe4030d72f10003f7e15378fa
Author: Frank Ch. Eigler <fche@xxxxxxxxxx>
Date: Tue Feb 10 11:22:02 2015 -0500
Correct memory double-free of __pmGetAttrValue result
__pmGetAttrValue doesn't strdup its return value (and it's right
not to waste time that way). Its caller __pmAuthSecretCB thus
shouldn't free() it. (It'll be freed eventually during pcp-level
context-attribute cleanup.)
|