From ec61ae59a5d009a9e80f3bfa9a2aa5f5dfa05551 Mon Sep 17 00:00:00 2001 From: teor Date: Thu, 25 May 2017 12:30:21 +1000 Subject: [PATCH] Stop leaking keypin-rejected routerinfos on directory authorities When directory authorities reject a router descriptor due to keypinning, free the router descriptor rather than leaking the memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. --- changes/bug22370 | 4 ++++ src/or/dirserv.c | 7 ++++++- 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 changes/bug22370 diff --git a/changes/bug22370 b/changes/bug22370 new file mode 100644 index 000000000..e0e87e333 --- /dev/null +++ b/changes/bug22370 @@ -0,0 +1,4 @@ + o Minor bugfixes (memory handling): + - When directory authorities reject a router descriptor due to keypinning, + free the router descriptor rather than leaking the memory. + Fixes bug 22370; bugfix on 0.2.7.2-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index fedbe51b4..72441081c 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -626,7 +626,11 @@ dirserv_add_multiple_descriptors(const char *desc, uint8_t purpose, * passed back to the origin of this descriptor, or NULL if there is no such * message. Use source to produce better log messages. * - * Return the status of the operation + * If ri is not added to the list of server descriptors, free it. + * That means the caller must not access ri after this function + * returns, since it might have been freed. + * + * Return the status of the operation. * * This function is only called when fresh descriptors are posted, not when * we re-load the cache. @@ -699,6 +703,7 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source) "its key did not match an older RSA/Ed25519 keypair", router_describe(ri), source); *msg = "Looks like your keypair does not match its older value."; + routerinfo_free(ri); return ROUTER_AUTHDIR_REJECTS; }