r17856@catbus: nickm | 2008-01-30 18:45:36 -0500

Backport leak fixes from r13148. svn:r13343
2008-01-30 23:46:02 +00:00 · 2008-01-30 23:46:02 +00:00 · 76ca012a3b
parent 2a9ba2e257
commit 76ca012a3b
8 changed files with 26 additions and 8 deletions
--- a/3
+++ b/3
@ -2,6 +2,9 @@ Changes in versino 0.1.2.20 - 2008-??-??
  o Minor bugfixes
    - Stop recommending that every server operator send mail to tor-ops.
      Resolves bug 597.
+    - Fix a few memory leaks that could in theory happen under bizarre error
+      conditions.
+

 Changes in version 0.1.2.19 - 2008-01-17
  Tor 0.1.2.19 fixes a huge memory leak on exit relays, makes the default
--- a/src/or/config.c
+++ b/src/or/config.c
@ -936,6 +936,8 @@ options_act(or_options_t *old_options)
      if (parse_redirect_line(sl, cl, &errmsg)<0) {
        log_warn(LD_CONFIG, "%s", errmsg);
        tor_free(errmsg);
+        SMARTLIST_FOREACH(sl, exit_redirect_t *, er, tor_free(er));
+        smartlist_free(sl);
        return -1;
      }
    }
@ -1808,6 +1810,7 @@ list_torrc_options(void)
      smartlist_clear(lines);
    }
  }
+  smartlist_free(lines);
 }

 /** Last value actually set by resolve_my_address. */
--- a/src/or/control.c
+++ b/src/or/control.c
@ -668,6 +668,7 @@ control_setconf_helper(control_connection_t *conn, uint32_t len, char *body,
            connection_write_str_to_buf("551 Couldn't parse string\r\n", conn);
            SMARTLIST_FOREACH(entries, char *, cp, tor_free(cp));
            smartlist_free(entries);
+            tor_free(key);
            return 0;
          }
        }
@ -1276,6 +1277,7 @@ getinfo_helper_dir(control_connection_t *control_conn,
    res = dirserv_get_routerdescs(descs, url, &msg);
    if (res) {
      log_warn(LD_CONTROL, "getinfo '%s': %s", question, msg);
+      smartlist_free(descs);
      return -1;
    }
    SMARTLIST_FOREACH(descs, signed_descriptor_t *, sd,
--- a/src/or/onion.c
+++ b/src/or/onion.c
@ -335,14 +335,14 @@ onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
  len = crypto_dh_compute_secret(handshake_state, handshake_reply, DH_KEY_LEN,
                                 key_material, 20+key_out_len);
  if (len < 0)
-    return -1;
+    goto err;

  if (memcmp(key_material, handshake_reply+DH_KEY_LEN, 20)) {
    /* H(K) does *not* match. Something fishy. */
    tor_free(key_material);
    log_warn(LD_PROTOCOL,"Digest DOES NOT MATCH on onion handshake. "
             "Bug or attack.");
-    return -1;
+    goto err;
  }

  /* use the rest of the key material for our shared keys, digests, etc */
@ -356,6 +356,9 @@ onion_skin_client_handshake(crypto_dh_env_t *handshake_state,

  tor_free(key_material);
  return 0;
+ err:
+  tor_free(key_material);
+  return -1;
 }

 /** Implement the server side of the CREATE_FAST abbreviated handshake.  The
@ -428,6 +431,7 @@ fast_client_handshake(const char *handshake_state, /* DIGEST_LEN bytes */
    /* H(K) does *not* match. Something fishy. */
    log_warn(LD_PROTOCOL,"Digest DOES NOT MATCH on fast handshake. "
             "Bug or attack.");
+    tor_free(out);
    return -1;
  }
  memcpy(key_out, out+DIGEST_LEN, key_out_len);
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@ -254,6 +254,7 @@ rend_config_services(or_options_t *options, int validate_only)
        log_warn(LD_CONFIG,
                 "Got multiple HiddenServiceNodes lines for a single "
                 "service.");
+        rend_service_free(service);
        return -1;
      }
      service->intro_prefer_nodes = tor_strdup(line->value);
@ -263,6 +264,7 @@ rend_config_services(or_options_t *options, int validate_only)
        log_warn(LD_CONFIG,
                 "Got multiple HiddenServiceExcludedNodes lines for "
                 "a single service.");
+        rend_service_free(service);
        return -1;
      }
      service->intro_exclude_nodes = tor_strdup(line->value);
@ -553,7 +555,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
  if (len != REND_COOKIE_LEN+DH_KEY_LEN) {
    log_warn(LD_PROTOCOL, "Bad length %u for INTRODUCE2 cell.", (int)len);
    reason = END_CIRC_REASON_TORPROTOCOL;
-    return -1;
+    goto err;
  }

  r_cookie = ptr;
--- a/src/or/router.c
+++ b/src/or/router.c
@ -249,8 +249,10 @@ init_keys(void)
  if (!server_mode(options)) {
    if (!(prkey = crypto_new_pk_env()))
      return -1;
-    if (crypto_pk_generate_key(prkey))
+    if (crypto_pk_generate_key(prkey)) {
+      crypto_free_pk_env(prkey);
      return -1;
+    }
    set_identity_key(prkey);
    /* Create a TLS context; default the client nickname to "client". */
    if (tor_tls_context_new(get_identity_key(),
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@ -619,14 +619,14 @@ router_pick_trusteddirserver_impl(authority_type_t type,
  routerstatus_t *result;
  time_t now = time(NULL);

+  if (!trusted_dir_servers)
+    return NULL;
+
  direct = smartlist_create();
  tunnel = smartlist_create();
  overloaded_direct = smartlist_create();
  overloaded_tunnel = smartlist_create();

-  if (!trusted_dir_servers)
-    return NULL;
-
  SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
    {
      int is_overloaded =
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@ -533,6 +533,7 @@ find_dir_signing_key(const char *str)
  }
  if (tok->tp != K_DIR_SIGNING_KEY) {
    log_warn(LD_DIR, "Dir-signing-key token did not parse as expected");
+    token_free(tok);
    return NULL;
  }

@ -541,6 +542,7 @@ find_dir_signing_key(const char *str)
    tok->key = NULL; /* steal reference. */
  } else {
    log_warn(LD_DIR, "Dir-signing-key token contained no key");
+    token_free(tok);
    return NULL;
  }

@ -778,7 +780,7 @@ router_parse_entry_from_string(const char *s, const char *end,

  if (router_get_router_hash(s, digest) < 0) {
    log_warn(LD_DIR, "Couldn't compute router hash.");
-    return NULL;
+    goto err;
  }
  tokens = smartlist_create();
  if (tokenize_string(s,end,tokens,RTR)) {