NetBSD Problem Report #39434
From bad@atsec.com Sat Aug 30 12:08:35 2008
Return-Path: <bad@atsec.com>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by narn.NetBSD.org (Postfix) with ESMTP id 51AC063B8A9
for <gnats-bugs@gnats.netbsd.org>; Sat, 30 Aug 2008 12:08:35 +0000 (UTC)
Message-Id: <20080830120802.856188F@nervous-energy.atsec.com>
Date: Sat, 30 Aug 2008 14:08:02 +0200 (MEST)
From: bad@bsd.de
Reply-To: bad@bsd.de
To: gnats-bugs@gnats.NetBSD.org
Subject: libkrb5:seed_something() file descriptor leak
X-Send-Pr-Version: 3.95
>Number: 39434
>Category: lib
>Synopsis: seed_something() in libkrb5 has a file descriptor leak
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bad
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Aug 30 12:10:00 +0000 2008
>Closed-Date: Mon Sep 06 21:49:57 +0000 2010
>Last-Modified: Mon Sep 06 21:49:57 +0000 2010
>Originator: Christoph Badura
>Release: NetBSD 3.1_STABLE
>Organization:
>Environment:
System: NetBSD nervous-energy 3.1_STABLE NetBSD 3.1_STABLE (nervous-energy) #4: Fri Jul 25 06:31:02 MEST 2008 root@nervous-energy:/m/obj/m/src/sys/arch/i386/compile/nervous-energy i386
Architecture: i386
Machine: i386
>Description:
crypto/dist/heimdal/lib/krb5/crypto.c:seed_something() has an obvious file
descripto leak.
This causes, e.g. racoon using XAUTH authentication and pam_krb5 to fail
after a number of authentications.
>How-To-Repeat:
>Fix:
Apply the following patch with brings the code in question up-to-date with
revision 1.14.
Index: crypto.c
===================================================================
RCS file: /cvsroot/src/crypto/dist/heimdal/lib/krb5/crypto.c,v
retrieving revision 1.13
diff -u -r1.13 crypto.c
--- crypto.c 2 Apr 2004 14:59:48 -0000 1.13
+++ crypto.c 30 Aug 2008 12:01:23 -0000
@@ -3241,9 +3241,11 @@
if (RAND_file_name(seedfile, sizeof(seedfile))) {
fd = open(seedfile, O_RDONLY);
if (fd >= 0) {
- read(fd, buf, sizeof(buf));
- /* Use the full buffer anyway */
- RAND_add(buf, sizeof(buf), 0.0);
+ ssize_t ret;
+ ret = read(fd, buf, sizeof(buf));
+ if (ret > 0)
+ RAND_add(buf, sizeof(buf), 0.0);
+ close(fd);
} else
seedfile[0] = '\0';
} else
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: lib-bug-people->bad
Responsible-Changed-By: bad@NetBSD.org
Responsible-Changed-When: Sat, 30 Aug 2008 12:11:36 +0000
Responsible-Changed-Why:
From: Manuel Bouyer <bouyer@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/39434 CVS commit: [netbsd-4] src/crypto/dist/heimdal/lib/krb5
Date: Sun, 14 Sep 2008 20:19:58 +0000 (UTC)
Module Name: src
Committed By: bouyer
Date: Sun Sep 14 20:19:58 UTC 2008
Modified Files:
src/crypto/dist/heimdal/lib/krb5 [netbsd-4]: crypto.c
Log Message:
Apply patch (requested by bad in ticket #1193):
crypto/dist/heimdal/lib/krb5/crypto.c: patch
Fix a file descriptor leak in seed_something(), preventing pam_krb5
from leaking file descriptors. Fixes PR lib/39434.
To generate a diff of this commit:
cvs rdiff -r1.13 -r1.13.10.1 src/crypto/dist/heimdal/lib/krb5/crypto.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: bad@NetBSD.org
State-Changed-When: Mon, 06 Sep 2010 21:49:57 +0000
State-Changed-Why:
All relevant pull-ups have been done.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.