Memory leak KRB5A & libkrb5.a

Introduction:
Currently there is a memory leak in both the KRB5A load module and the libkrb5 library in AIX. The KRB5A load module is shipped with AIX whereas the libkrb5.a library is shipped with the krb5.client.rte fileset in NAS (Network Authentication Service), which is IBM's version of Kerberos

Impacted:
- All AIX versions up till now
http://www-933.ibm.com/eserver/support/fixes/fixcentral/pfixpacks/53
http://www-933.ibm.com/eserver/support/fixes/fixcentral/pfixpacks/61
- IBM Network Authentication Service <= 1.4.0.8

Details:
# lsuser -a SYSTEM sidsmig
sidsmig SYSTEM=KRB5A
# cat /usr/lib/security/methods.cfg | grep -ip KRB5A
KRB5A:
    program = /usr/lib/security/KRB5A
    program_64 = /usr/lib/security/KRB5A_64
    options = authonly

The following C test program was used in PMR 69409.300.624

#include <stdio.h>
#include <usersec.h>

int main(int argc,char** argv){
   while(1){
      int reenter;
      char* msg;
      authenticate(argv[1], argv[2], &reenter, &msg);
      if(msg) {
         free(msg)
         break;
      }
   }
}

An increasing process working segment could be noticed with either ps gv or svmon -P when user sidsmig authenticates to the system.

Resolution:
- APAR IZ43820 was created to address this issue.