Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 16 Jul 2016 19:09:37 +0300
From: Solar Designer <solar@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: passwdqc code quality

On Sat, Jul 16, 2016 at 07:05:29PM +0300, Solar Designer wrote:
> So I guess the memory leak occurs somewhere outside of the PAM module.

The leak occurs only when the target username is known to the system,
and the reported leak size varies by username length, suggesting that
the leaking asprintf() is of a string that includes the username.  We
could want to find it, but I treat this as unrelated to passwdqc.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ