[ntp:security] memory leak

Danny Mayer mayer at ntp.isc.org
Tue Jan 22 13:37:19 UTC 2008

Martin Burnicki wrote:
> Danny Mayer wrote:
>> I am testing a fix for this. While it will increase memory requirements
>> slightly, it will be almost unnoticeable. I'm basically saving the
>> messages and their codes so once it's been looked up it's there in
>> memory and it won't allocate more memory.
> Uuh, this is a real ugly hack. However, since this is finally used as a 
> replacement for strerror() there seems to be no better solution. 

Well, it's not that ugly and only causes a minor increase in memory. The 
only way to fix this properly is to not use strerror() and use ISC's 
isc_strerror() which passes a buffer to store the message string. You 
would then have control inside the isc_strerror() function to free the 
memory. This is what we do in BIND9. I can do this inside msyslog, but 
there are other places that strerror() gets called, mainly the refclocks.

> The only alternative way would be to use a static string inside the function, 
> which can be set up accordingly and it's address being returned. But that's 
> not thread-safe.

Well what I implemented *is* thread-safe. There is no way to statically 
allocate memory since you don't know how many messages you'd need.

> Martin

More information about the security mailing list