Comment 1 for bug 292971

Revision history for this message
Doug Engert (deengert) wrote :

A memory leak in libnss-ldap over time can cause the nscd
process to grow extremely large. For example one nscd
process that had been running for three months was using
6GB of swap!

The problem is in the original Padl nss-ldap in at least versions
258, 261 and 265. Ubuntu Hardy uses 258, Karmic uses 261, and
the Padl current release is 265.

The ldap-nss.c do_init() may be called more then once,
to initialize an ldap session and save the session in
in __session.ls_conn and set the __session.ls_stat = LD_INITIALIZED
But it does not check the state to see if has be initialized,
and at line 1239: __session.ls_conn = NULL;

The attached patch to to the libnss-ldap_261-2.1Ubuntu4 fixes
the problem, by testing __session.ls_stat == LD_INITIALIZED

The ldap-nss.c also has a patch to call do_close twice that
I had previously turned it to Padl and is now in 265.

For testing purposes, the patch also adds atexit(do_atexit);
and a do_atexit routine to call do_close. This will then cause
the last session to be be freed. This make it much easier to
use valgrind to check for memory leaks. (in the nscd.c in lib6c
the _exit was change to exit so the atexit would be called.)

Debug versions of nscd and libnss-ldap where created, and
and used with valgrind to track down the memory leaks.
Attached is a script used with valgrind. The LD_PRELOAD was
needed so dynamic libs would not be unloaded, and valgrind
could find the symbol tables.