What it does: in the main loop it calls user_find to get an entry from the
users file. This one is checked, and if for example the Group restriction
does not apply, the 'result' variable is set to -1, meaning to get another
user_find, and proceed with that one, and so on.
The problem is that user_find (which calls userparse) is allocating memory
for user_check and user_reply, and this memory never gets free()-ed.
If I have six DEFAULT entries in users file and for an auth request the
fifth is matching all the check items, radiusd will allocate memory for
the five suck (user_check, user_reply) entries and then free() only the
last one, thus leaving four taking memory.
If none matches, there will be five left un-free()ed - only the last one
benefits from a pairfree() call.
The following patch is against stock radiusd 2.0.1. This was sent to
radiusd maintainers at Livingston, and Carl suggested to post it to these
lists.
Best wishes,
Cristian Gafton
-- -------------------------------------------------------------------- Cristian Gafton gafton@sorosis.ro Computers & Communications Center Network Administrator http://sysadm.sorosis.ro/devel Iasi, Romania ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ UNIX is user friendly. It's just selective about who its friends are.--- radiusd.c~ Mon Jul 7 15:43:16 1997 +++ radiusd.c Sun Aug 3 00:06:40 1997 @@ -1401,6 +1401,8 @@ if (result != -1) { break; } + pairfree(user_check); + pairfree(user_reply); } user_close(user_desc);