Memory leak in libcrypt.so
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
glibc (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
ubuntu version: 16.04 LTS (also seen in 14.04 and suspect all versions)
glibc version: 2.23
Repeatedly opening libcrypt.so, calling crypt and closing libcrypt.so leaks memory. I believe the issue is with static arrays which are allocated on demand but never deallocated. See both md5-crypt.c and sha256-crypt.c: both these files have a static buffer:
libc_freeres_ptr (static char *buffer);
which is allocated by the __md5_crypt and __sha256_crypt functions respectively.
This is not a pathological issue. I have encountered it in a real world use case. The following describes the situation in which it occurred.
- A continuously running process uses PAM to perform authentication.
- PAM module used relies on crypt function call.
- Each call to auth causes libcrypt.so to be loaded and unloaded.
- Result: Small leak in main process each time auth is performed.
Workaround was to force a dependency in the main processes source code on libcrypt.so thus keeping the library permanently in memory.
I suspect this may be a bug destined for glibc itself rather than the Ubuntu distribution but, as per glibc guidelines, I'm reporting it here first. I haven't investigated the source code in enough detail yet to conclude where the responsibility for the bug lies.
Repo case. Compile with gcc main.cpp -ldl