The GSSAPI code leaks memory. Here's an address-sanitizer output:
Direct leak of 378 byte(s) in 14 object(s) allocated from:
#0 0x773c656fd9c7 in malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x773c6559521b in zmq::gssapi_mechanism_base_t::encode_message(zmq::msg_t*) src/gssapi_mechanism_base.cpp:61
#2 0x773c65599e3a in zmq::gssapi_mechanism_base_t::produce_ready(zmq::msg_t*) src/gssapi_mechanism_base.cpp:302
#3 0x773c65599e3a in zmq::gssapi_server_t::next_handshake_command(zmq::msg_t*) src/gssapi_server.cpp:55
#4 0x773c655c8bcd in zmq::stream_engine_base_t::next_handshake_command(zmq::msg_t*) src/stream_engine_base.cpp:459
#5 0x773c655c44b7 in zmq::stream_engine_base_t::out_event() src/stream_engine_base.cpp:326
#6 0x773c655961e8 in zmq::io_thread_t::in_event() src/io_thread.cpp:64
#7 0x773c65595118 in zmq::epoll_t::loop() src/epoll.cpp:183
#8 0x773c655c1f08 in thread_routine src/thread.cpp:229
#9 0x773c6565ea41 in asan_thread_start ../../../../src/libsanitizer/asan/asan_interceptors.cpp:234
#10 0x773c6529caa3 in start_thread nptl/pthread_create.c:447
The issue is that the buffer containing the plain-text passed to gss_wrap is not freed so every message is leaked.
The GSSAPI code leaks memory. Here's an address-sanitizer output:
The issue is that the buffer containing the plain-text passed to
gss_wrapis not freed so every message is leaked.