Re: squid-2.4 ? from Henrik Nordstrom on 2002-02-13 (squid-dev)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 14 Feb 2002 02:12:10 +0100

On Thursday 14 February 2002 00.08, Robert Collins wrote:

> > I also think 2.5-PRE4 is a STABLE candidate.
>
> There's a mem leak somewhere in the ntlm/persistent connection
> code. It won't affect non-NTLM users.

Confirmed. It is leaking a lot there.. a couple of hundred bytes per
connection or more.

This was from a single request:

Leaked 0x8438c18 (17 bytes)
        xstrdup(): lib/util.c:608
        httpRequestFree(): src/client_side.c:799
        connStateFree(): src/client_side.c:866
        commCallCloseHandlers(): src/comm.c:572
        comm_close(): src/comm.c:640
Leaked 0x8438b88 (138 bytes + 70 bytes)
        xstrdup(): lib/util.c:608
        authenticateNTLMStart(): src/auth/ntlm/auth_ntlm.c:681
        authenticateStart(): src/authenticate.c:134
        aclLookupProxyAuthStart(): src/acl.c:1329
        aclCheck(): src/acl.c:1804

The first is easy to fix. Simply free the data after being logged.
Hmm.. I wonder why I haven't seen this leaking before.. have you
changed this recently? I have a strong memory of having run Squid
with Basic authentication and leak testing without seeing this, and
as far as I can tell it is not NTLM specific..

The second I am not entirely sure about. Think the strdup should be
taken out of there, but you know the auth code better. The following
seems to work here:

Index: auth_ntlm.c
===================================================================
RCS file: /server/cvs-server/squid/squid/src/auth/ntlm/auth_ntlm.c,v
retrieving revision 1.17
diff -u -w -r1.17 auth_ntlm.c
--- auth_ntlm.c 2001/11/30 09:53:15 1.17
+++ auth_ntlm.c 2002/02/14 01:07:44
@@ -675,10 +675,10 @@
     debug(29, 9) ("authenticateNTLMStart: auth state '%d'\n",
ntlm_request->auth_state);
     switch (ntlm_request->auth_state) {
     case AUTHENTICATE_STATE_NEGOTIATE:
- sent_string = xstrdup(ntlm_request->ntlmnegotiate);
+ sent_string = ntlm_request->ntlmnegotiate;
        break;
     case AUTHENTICATE_STATE_RESPONSE:
- sent_string = xstrdup(ntlm_request->ntlmauthenticate);
+ sent_string = ntlm_request->ntlmauthenticate;
        assert(ntlm_request->authserver);
        debug(29, 9) ("authenticateNTLMStart: Asking
NTLMauthenticator '%p'.\n", ntlm_request->authserver);
        break;

Regards
Henrik
Received on Wed Feb 13 2002 - 18:11:41 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:47 MST