base/SOURCES/Fix-most-memory-leaks.patch

From 9f9ab1e13c72b7c1fd06b6ba085ba2853bb9c3ca Mon Sep 17 00:00:00 2001
From: Alexander Scheel <ascheel@redhat.com>
Date: Thu, 29 Jun 2017 10:59:46 -0400
Subject: [PATCH] Fix most memory leaks

Signed-off-by: Alexander Scheel <ascheel@redhat.com>
[rharwood@redhat.com: commit message, whitespace]
Reviewed-by: Robbie Harwood <rharwood@redhat.com>
Merges: #203
Related: #176
(cherry picked from commit 470cf4d745d57f0597124a35b2faf86ba1107bb5)
[rharwood@redhat.com: backport around missing program support]
---
 proxy/src/gp_config.c            |  1 +
 proxy/src/gp_creds.c             |  2 ++
 proxy/src/gp_export.c            |  3 ++-
 proxy/src/gp_rpc_acquire_cred.c  | 17 ++++++++++------
 proxy/src/gssproxy.c             | 42 ++++++++++++++++++++++++++++------------
 proxy/src/mechglue/gpp_context.c |  2 ++
 proxy/tests/t_acquire.c          |  3 +++
 7 files changed, 51 insertions(+), 19 deletions(-)

diff --git a/proxy/src/gp_config.c b/proxy/src/gp_config.c
index a671333..b4ab90c 100644
--- a/proxy/src/gp_config.c
+++ b/proxy/src/gp_config.c
@@ -75,6 +75,7 @@ static void gp_service_free(struct gp_service *svc)
         free_cred_store_elements(&svc->krb5.store);
         gp_free_creds_handle(&svc->krb5.creds_handle);
     }
+    free(svc->socket);
     SELINUX_context_free(svc->selinux_ctx);
     memset(svc, 0, sizeof(struct gp_service));
 }
diff --git a/proxy/src/gp_creds.c b/proxy/src/gp_creds.c
index fdc6bdf..2cb4ce7 100644
--- a/proxy/src/gp_creds.c
+++ b/proxy/src/gp_creds.c
@@ -1049,6 +1049,8 @@ uint32_t gp_count_tickets(uint32_t *min, gss_cred_id_t cred, uint32_t *ccsum)
             goto done;
         }
 
+        krb5_free_cred_contents(context, &creds);
+
         /* TODO: Should we do a real checksum over all creds->ticket data and
          * flags in future ? */
         (*ccsum)++;
diff --git a/proxy/src/gp_export.c b/proxy/src/gp_export.c
index 4e081df..ab08bb7 100644
--- a/proxy/src/gp_export.c
+++ b/proxy/src/gp_export.c
@@ -47,7 +47,7 @@ uint32_t gp_init_creds_with_keytab(uint32_t *min, const char *svc_name,
     krb5_keytab ktid = NULL;
     krb5_kt_cursor cursor;
     krb5_keytab_entry entry;
-    krb5_enctype *permitted;
+    krb5_enctype *permitted = NULL;
     uint32_t ret_maj = 0;
     uint32_t ret_min = 0;
     int ret;
@@ -127,6 +127,7 @@ uint32_t gp_init_creds_with_keytab(uint32_t *min, const char *svc_name,
     ret_maj = GSS_S_COMPLETE;
 
 done:
+    krb5_free_enctypes(handle->context, permitted);
     if (ktid) {
         (void)krb5_kt_close(handle->context, ktid);
     }
diff --git a/proxy/src/gp_rpc_acquire_cred.c b/proxy/src/gp_rpc_acquire_cred.c
index fcb4fbe..7ddb427 100644
--- a/proxy/src/gp_rpc_acquire_cred.c
+++ b/proxy/src/gp_rpc_acquire_cred.c
@@ -130,17 +130,18 @@ int gp_acquire_cred(struct gp_call_ctx *gpcall,
         }
     }
 
-    acr->output_cred_handle = calloc(1, sizeof(gssx_cred));
-    if (!acr->output_cred_handle) {
-        ret_maj = GSS_S_FAILURE;
-        ret_min = ENOMEM;
-        goto done;
-    }
 
     if (out_cred == in_cred) {
         acr->output_cred_handle = aca->input_cred_handle;
         aca->input_cred_handle = NULL;
     } else {
+        acr->output_cred_handle = calloc(1, sizeof(gssx_cred));
+        if (!acr->output_cred_handle) {
+            ret_maj = GSS_S_FAILURE;
+            ret_min = ENOMEM;
+            goto done;
+        }
+
         ret_maj = gp_export_gssx_cred(&ret_min, gpcall,
                                       &out_cred, acr->output_cred_handle);
         if (ret_maj) {
@@ -154,6 +155,10 @@ done:
 
     GPRPCDEBUG(gssx_res_acquire_cred, acr);
 
+    if (add_out_cred != &in_cred && add_out_cred != &out_cred)
+        gss_release_cred(&ret_min, add_out_cred);
+    if (in_cred != out_cred)
+        gss_release_cred(&ret_min, &in_cred);
     gss_release_cred(&ret_min, &out_cred);
     gss_release_oid_set(&ret_min, &use_mechs);
     gss_release_oid_set(&ret_min, &desired_mechs);
diff --git a/proxy/src/gssproxy.c b/proxy/src/gssproxy.c
index a020218..5c5937d 100644
--- a/proxy/src/gssproxy.c
+++ b/proxy/src/gssproxy.c
@@ -157,7 +157,7 @@ int main(int argc, const char *argv[])
     verto_ctx *vctx;
     verto_ev *ev;
     int wait_fd;
-    int ret;
+    int ret = -1;
 
     struct poptOption long_options[] = {
         POPT_AUTOHELP
@@ -187,13 +187,17 @@ int main(int argc, const char *argv[])
             fprintf(stderr, "\nInvalid option %s: %s\n\n",
                     poptBadOption(pc, 0), poptStrerror(opt));
             poptPrintUsage(pc, stderr, 0);
-            return 1;
+
+            ret = 1;
+            goto cleanup;
         }
     }
 
     if (opt_version) {
         puts(VERSION""DISTRO_VERSION""PRERELEASE_VERSION);
-        return 0;
+        poptFreeContext(pc);
+        ret = 0;
+        goto cleanup;
     }
 
     if (opt_debug || opt_debug_level > 0) {
@@ -204,7 +208,8 @@ int main(int argc, const char *argv[])
     if (opt_daemon && opt_interactive) {
         fprintf(stderr, "Option -i|--interactive is not allowed together with -D|--daemon\n");
         poptPrintUsage(pc, stderr, 0);
-        return 1;
+        ret = 0;
+        goto cleanup;
     }
 
     if (opt_interactive) {
@@ -218,7 +223,8 @@ int main(int argc, const char *argv[])
                                 opt_config_socket,
                                 opt_daemon);
     if (!gpctx->config) {
-        exit(EXIT_FAILURE);
+        ret = EXIT_FAILURE;
+        goto cleanup;
     }
 
     init_server(gpctx->config->daemonize, &wait_fd);
@@ -229,7 +235,8 @@ int main(int argc, const char *argv[])
     if (!vctx) {
         fprintf(stderr, "Failed to initialize event loop. "
                         "Is there at least one libverto backend installed?\n");
-        return 1;
+        ret = 1;
+        goto cleanup;
     }
     gpctx->vctx = vctx;
 
@@ -237,12 +244,13 @@ int main(int argc, const char *argv[])
     ev = verto_add_signal(vctx, VERTO_EV_FLAG_PERSIST, hup_handler, SIGHUP);
     if (!ev) {
         fprintf(stderr, "Failed to register SIGHUP handler with verto!\n");
-        return 1;
+        ret = 1;
+        goto cleanup;
     }
 
     ret = init_sockets(vctx, NULL);
     if (ret != 0) {
-        return ret;
+        goto cleanup;
     }
 
     /* We need to tell nfsd that GSS-Proxy is available before it starts,
@@ -256,12 +264,14 @@ int main(int argc, const char *argv[])
 
     ret = drop_privs(gpctx->config);
     if (ret) {
-        exit(EXIT_FAILURE);
+        ret = EXIT_FAILURE;
+        goto cleanup;
     }
 
     ret = gp_workers_init(gpctx);
     if (ret) {
-        exit(EXIT_FAILURE);
+        ret = EXIT_FAILURE;
+        goto cleanup;
     }
 
     verto_run(vctx);
@@ -271,9 +281,17 @@ int main(int argc, const char *argv[])
 
     fini_server();
 
-    poptFreeContext(pc);
 
     free_config(&gpctx->config);
+    free(gpctx);
 
-    return 0;
+    ret = 0;
+
+cleanup:
+    poptFreeContext(pc);
+    free(opt_config_file);
+    free(opt_config_dir);
+    free(opt_config_socket);
+
+    return ret;
 }
diff --git a/proxy/src/mechglue/gpp_context.c b/proxy/src/mechglue/gpp_context.c
index 2f41e4f..69e69e0 100644
--- a/proxy/src/mechglue/gpp_context.c
+++ b/proxy/src/mechglue/gpp_context.c
@@ -362,6 +362,8 @@ OM_uint32 gssi_delete_sec_context(OM_uint32 *minor_status,
         }
     }
 
+    free(ctx);
+
     return rmaj;
 }
 
diff --git a/proxy/tests/t_acquire.c b/proxy/tests/t_acquire.c
index 2bb7706..5334565 100644
--- a/proxy/tests/t_acquire.c
+++ b/proxy/tests/t_acquire.c
@@ -132,5 +132,8 @@ done:
     gss_release_buffer(&ret_min, &in_token);
     gss_release_buffer(&ret_min, &out_token);
     gss_release_cred(&ret_min, &cred_handle);
+    gss_release_name(&ret_min, &target_name);
+    gss_delete_sec_context(&ret_min, &init_ctx, GSS_C_NO_BUFFER);
+    gss_delete_sec_context(&ret_min, &accept_ctx, GSS_C_NO_BUFFER);
     return ret;
 }