[Pkg-openldap-devel] Bug#606815: libldap-2.4-2: memory leak when chasing referrals

Arthur de Jong adejong at debian.org
Sat Dec 11 22:50:37 UTC 2010 

Subject: libldap-2.4-2: memory leak when chasing referrals
Package: libldap-2.4-2
Version: 2.4.23-7
Severity: important
Tags: upstream patch fixed-upstream

I ran into a memory leak that affects users of nss-pam-ldapd (mainly
when using Active Directory). Would you consider including the fix for
this from OpenLDAP CVS and try to get it into squeeze?

The OpenLDAP ITS is here:
  http://www.OpenLDAP.org/its/index.cgi?findid=6744

The patch can be found here (quite minimal I think):
  http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/result.c.diff?r1=1.176&r2=1.178

Some background is here:
  http://lists.arthurdejong.org/nss-pam-ldapd-users/2010/msg00155.html

The leak adds up quickly when a referral is chased for every lookup
(leak is about 4K per request on i386 so it will add up for busy sites).

I've set the severity to important but it does break nss-pam-ldapd in
some configurations so it can be argued to be critical (breaks unrelated
software).

Anyway, thanks for considering.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.36-trunk-686 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libldap-2.4-2 depends on:
ii  libc6                     2.11.2-7       Embedded GNU C Library: Shared lib
ii  libgnutls26               2.8.6-1        the GNU TLS library - runtime libr
ii  libsasl2-2                2.1.23.dfsg1-6 Cyrus SASL - authentication abstra

-- 
-- arthur - adejong at debian.org - http://people.debian.org/~adejong --
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20101211/3ef60e0c/attachment.pgp>

More information about the Pkg-openldap-devel mailing list