Sendmail Silently-Patched Memory Leak [Deprecated]
Regarding my blog on the memory leak in Sendmail, I was wrong.
The patch fixes a minor resource-depletion issue and does not appear to have any security consequences.
I apologize for the mistake, and would like to thank Eric Allman from the sendmail team for the correction.
Sendmail silently fixed a memory leak in the recent multiple vulnerabilities patch.
The problem occurs when a buffer pointer is set to NULL instead of its memory being freed: the memory stays marked as in use even though no variable stores its address any longer.
This happens when the original (buf0) buffer and the buf buffer have different addresses.
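The pattern described above, as an added example that is not sendmail's code and not part of the original post: a stack buffer (buf0) with a fallback allocation whose pointer is cleared without being released. The fixed-size pool stands in for the heap so that exhaustion is visible after a few calls; pool_alloc, pool_free, slots_in_use, log_message and the sample message are hypothetical names and constructed values.

```c
#include <stdio.h>
#include <string.h>
#define SLOTS 4                  /* constructed: tiny pool standing in for the heap */
#define SLOT_SIZE 128
static char pool[SLOTS][SLOT_SIZE];
static int in_use[SLOTS];        /* 1 = slot is marked as allocated */
static char *pool_alloc(size_t n)
{
    for (int i = 0; n <= SLOT_SIZE && i < SLOTS; i++)
        if (!in_use[i]) { in_use[i] = 1; return pool[i]; }
    return NULL;                 /* request too large, or every slot is taken */
}
static void pool_free(char *p)
{
    for (int i = 0; i < SLOTS; i++)
        if (p == pool[i]) in_use[i] = 0;
}

int slots_in_use(void)
{
    int n = 0;
    for (int i = 0; i < SLOTS; i++) n += in_use[i];
    return n;
}

/* fixed == 0: the pointer is only cleared; fixed != 0: it is released first. */
int log_message(const char *msg, int fixed)
{
    char buf0[32];               /* stack buffer, enough for short messages */
    char *buf = buf0;
    size_t need = strlen(msg) + 1;
    if (need > sizeof buf0 && (buf = pool_alloc(need)) == NULL)
        return -1;               /* no memory left for this message */
    memcpy(buf, msg, need);      /* the line would be written to the log here */
    if (fixed && buf != buf0)
        pool_free(buf);
    buf = NULL;                  /* without the free above, the slot stays in use */
    return 0;
}

int main(void)
{
    const char *m = "constructed log line, longer than the 32-byte stack buffer";
    for (int i = 0; i <= SLOTS; i++) {
        int r = log_message(m, 0);
        printf("call %d returned %d, slots in use: %d\n", i, r, slots_in_use());
    }
    return 0;
}
```

Messages that fit in buf0 never touch the pool, which is why only the case where buf and buf0 differ consumes memory.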
The fix was as follows:
In the file: contrib/sendmail/src/conf.c
- if (buf == NULL)
- buf = buf0;
- bufsize = sizeof buf0;
+ buf = buf0;
+ bufsize = sizeof buf0;
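Review bot: The two added assignments, `buf = buf0;` and `bufsize = sizeof buf0;`, now run on every call, where the removed `if (buf == NULL)` ran them only when no buffer was held. If buf can still carry a pointer from an earlier call when it reaches this point, that pointer is overwritten here without being released. The declaration of buf is not in the visible lines, so please confirm that buf no longer persists across calls, and add a short comment stating that buf always starts out pointing at buf0.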
@@ -5281,8 +5278,8 @@
(void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
"%s: %s\n", id, newstring);
#endif /* LOG */
- if (buf == buf0)
- buf = NULL;
+ if (buf != buf0)
errno = save_errno;
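Review bot: As shown, the added `if (buf != buf0)` has no statement of its own, so the condition falls onto `errno = save_errno;` and errno is restored only when buf differs from buf0. The statement that releases buf looks to be missing between these two lines. The release should be the body of the if, with the errno restore left unconditional after it.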
This advisory can be found here: http://www.securiteam.com/unixfocus/5SP0M0UI0G.html