diff options
-rw-r--r-- | changes/bug7816_023 | 7 | ||||
-rw-r--r-- | changes/bug7816_023_small | 3 | ||||
-rw-r--r-- | src/common/log.c | 4 | ||||
-rw-r--r-- | src/common/util.c | 4 | ||||
-rw-r--r-- | src/or/connection.c | 4 | ||||
-rw-r--r-- | src/or/control.c | 2 | ||||
-rw-r--r-- | src/or/geoip.c | 5 |
7 files changed, 26 insertions, 3 deletions
diff --git a/changes/bug7816_023 b/changes/bug7816_023 new file mode 100644 index 0000000000..a4530292cc --- /dev/null +++ b/changes/bug7816_023 @@ -0,0 +1,7 @@ + o Minor bugfixes (memory leak, controller): + - Fix a memory leak during safe-cookie controller authentication. + Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.3.13-alpha. + + o Minor bugfixes (memory leak, HTTPS proxy support): + - Fix a memory leak when receiving headers from an HTTPS proxy. + Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.1.1-alpha. diff --git a/changes/bug7816_023_small b/changes/bug7816_023_small new file mode 100644 index 0000000000..cd90f035f1 --- /dev/null +++ b/changes/bug7816_023_small @@ -0,0 +1,3 @@ + o Minor bugfixes: + - Fix various places where we leak file descriptors or memory on + error cases. Spotted by coverity. Fixes parts of bug 7816. diff --git a/src/common/log.c b/src/common/log.c index e56fb257f9..1ba8e6134e 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -833,8 +833,10 @@ add_file_log(const log_severity_list_t *severity, const char *filename) fd = tor_open_cloexec(filename, O_WRONLY|O_CREAT|O_APPEND, 0644); if (fd<0) return -1; - if (tor_fd_seekend(fd)<0) + if (tor_fd_seekend(fd)<0) { + close(fd); return -1; + } LOCK_LOGS(); add_stream_log_impl(severity, filename, fd); diff --git a/src/common/util.c b/src/common/util.c index 7d72a896f9..93e2ba8e14 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -2374,8 +2374,10 @@ read_file_to_str(const char *filename, int flags, struct stat *stat_out) } #endif - if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING) + if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING) { + close(fd); return NULL; + } string = tor_malloc((size_t)(statbuf.st_size+1)); diff --git a/src/or/connection.c b/src/or/connection.c index 0d8242a54e..d0602fde24 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -1058,6 +1058,7 @@ connection_listener_new(const struct sockaddr *listensockaddr, if (bind(s, listensockaddr, (socklen_t)sizeof(struct sockaddr_un)) == -1) { log_warn(LD_NET,"Bind to %s failed: %s.", address, tor_socket_strerror(tor_socket_errno(s))); + tor_close_socket(s); goto err; } #ifdef HAVE_PWD_H @@ -1066,9 +1067,11 @@ connection_listener_new(const struct sockaddr *listensockaddr, if (pw == NULL) { log_warn(LD_NET,"Unable to chown() %s socket: user %s not found.", address, options->User); + tor_close_socket(s); } else if (chown(address, pw->pw_uid, pw->pw_gid) < 0) { log_warn(LD_NET,"Unable to chown() %s socket: %s.", address, strerror(errno)); + tor_close_socket(s); goto err; } } @@ -1707,6 +1710,7 @@ connection_read_https_proxy_response(connection_t *conn) tor_free(headers); return -1; } + tor_free(headers); if (!reason) reason = tor_strdup("[no reason given]"); if (status_code == 200) { diff --git a/src/or/control.c b/src/or/control.c index 9ab0dafb7b..03e5d79c8e 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -3143,6 +3143,8 @@ handle_control_authchallenge(control_connection_t *conn, uint32_t len, "SERVERNONCE=%s\r\n", server_hash_encoded, server_nonce_encoded); + + tor_free(client_nonce); return 0; } diff --git a/src/or/geoip.c b/src/or/geoip.c index 9ba1e31b8b..e2e98e8ec4 100644 --- a/src/or/geoip.c +++ b/src/or/geoip.c @@ -1350,8 +1350,11 @@ load_bridge_stats(time_t now) fname = get_datadir_fname2("stats", "bridge-stats"); contents = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL); - if (contents && validate_bridge_stats(contents, now)) + if (contents && validate_bridge_stats(contents, now)) { bridge_stats_extrainfo = contents; + } else { + tor_free(contents); + } tor_free(fname); } |