| Summary: | Bugfix release: fixed memory leak in polkit | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Sander Lepik <mageia> |
| Component: | RPM Packages | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | davidwhodgins, geiger.david68210, ovilewade9, sysadmin-bugs |
| Version: | 4 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | has_procedure mga4-32-ok MGA4-64-OK advisory | ||
| Source RPM: | polkit-0.112-2.mga4.src.rpm | CVE: | |
| Status comment: | |||
| Attachments: |
script to test the memleak
script to prepare ssh keys for testing |
||
Created attachment 5995 [details]
script to test the memleak
Created attachment 5996 [details]
script to prepare ssh keys for testing
Sander Lepik
2015-03-05 16:37:19 CET
Whiteboard:
(none) =>
has_procedure Do you also have a handy script to remove the key from authorized_keys? sed -i '$ d' ~/.ssh/authorized_keys && rm -f ~/.ssh/mem_leak_test* The first command deletes last line from authorized_keys. Tested mga4_32, Testing complete for polkit-0.112-2.1.mga4, I confirm that it fixes the polkit memory leak issue: ------------------------------------------------------------------------- Before: [david@localhost tmp]$ ./prepare_ssh Just press enter twice Generating public/private dsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/david/.ssh/mem_leak_test. Your public key has been saved in /home/david/.ssh/mem_leak_test.pub. The key fingerprint is: 07:cd:91:e1:bf:1e:3b:92:8d:4f:b4:30:82:17:f2:aa david@localhost The key's randomart image is: +--[ DSA 1024]----+ | oo | | +.. | | . o + | | + o . | | . S + o | | o o + o | | . += | | . +ooo | | E o+. | +-----------------+ [david@localhost tmp]$ ./mem_leak Memory usage before: 38068 Warning: Permanently added 'localhost' (RSA) to the list of known hosts. Memory usage after: 77284 Here there is a big difference (twice) !! -------------------------------------------------------------------------- After: [david@localhost tmp]$ ./mem_leak Memory usage before: 30484 Memory usage after: 30868 Here the difference is very very small. :) CC:
(none) =>
geiger.david68210 Tested mga4_64, Testing complete for polkit-0.112-2.1.mga4, I confirm that it fixes the polkit memory leak issue too: ------------------------------------------------------------------------- Before: [david@localhost tmp]$ ./prepare_ssh Just press enter twice Generating public/private dsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/david/.ssh/mem_leak_test. Your public key has been saved in /home/david/.ssh/mem_leak_test.pub. The key fingerprint is: 1b:cd:44:31:92:bd:ac:97:fd:51:bc:67:9d:a5:50:4e david@localhost.localdomain The key's randomart image is: +--[ DSA 1024]----+ | .o+. | | .o.. E | | ... + . | | +o . . +| | S.oo . o=| | .oo . oo+| | .. . o.| | . | | | +-----------------+ [david@localhost tmp]$ ./mem_leak Memory usage before: 38616 Warning: Permanently added 'localhost' (RSA) to the list of known hosts. Memory usage after: 118040 Here there is a big difference (three times) !! -------------------------------------------------------------------------- After: [david@localhost tmp]$ ./mem_leak Memory usage before: 38356 Memory usage after: 39748 Here the difference is very very small. :) Validating the update. Someone from the sysadmin team please push 15432.adv from Magiea 4 updates testing to updates. Whiteboard:
has_procedure mga4-32-ok =>
has_procedure mga4-32-ok MGA4-64-OK advisory An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGAA-2015-0022.html Resolution:
(none) =>
FIXED
jack wisdon
2020-06-06 18:36:39 CEST
CC:
(none) =>
ovilewade9 |
Description of problem: There is major memory leak in polkit that causes kded4 and dbus-daemon leak memory. I have uploaded a patched package for Mageia 4. You need a running KDE to test this leak. You can test this by by downloading two attached scripts and following those steps: 1. Install openssh-server (only these commands as root: urpmi openssh-server; systemctl start sshd) 2. Download attached scripts and make them executable: chmod +x mem_leak prepare_ssh 3. Run prepare_ssh to generate keys for testing (just press enter twice, don't enter any passwords): ./prepare_ssh 4. Run mem_leak to test the leak ./mem_leak 5. Memory usage should differ quite a lot, if not then your system is not affected by this leak and you should just test that everything is working OK 6. Install patched packages from updates_testing 7. Reboot 8. Repeat step #4 9. The difference in memory usage shouldn't be too big Suggested advisory: ======================== Policykit-1 doesn't release reference counters of GVariant data for org.freedesktop.PolicyKit1.Authority.EnumerateActions dbus call. This update fixes reference counting and following memory leak. References: https://bugs.kde.org/show_bug.cgi?id=271934 https://bugs.freedesktop.org/show_bug.cgi?id=88288 ======================== Updated packages in core/updates_testing: ======================== lib(64)polkit1-devel-0.112-2.1.mga4 lib(64)polkit1_0-0.112-2.1.mga4 lib(64)polkit-gir1.0-0.112-2.1.mga4 polkit-0.112-2.1.mga4 polkit-desktop-policy-0.112-2.1.mga4 Source RPMs: polkit-0.112-2.1.mga4.src.rpm Reproducible: Steps to Reproduce: