From 739c21e97b5c78ee76c7283993e7ca01f6d3beec Mon Sep 17 00:00:00 2001 From: Robert Ransom Date: Tue, 18 Oct 2011 07:08:02 -0700 Subject: Free rend_data and intro_key when extra intro circs become general-purpose --- changes/bug4251 | 8 ++++++++ src/or/rendservice.c | 13 +++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 changes/bug4251 diff --git a/changes/bug4251 b/changes/bug4251 new file mode 100644 index 0000000000..303c9e6364 --- /dev/null +++ b/changes/bug4251 @@ -0,0 +1,8 @@ + o Minor bugfixes: + + - When a hidden service turns an extra service-side introduction + circuit into a general-purpose circuit, free the rend_data and + intro_key fields first, so they won't be leaked if the circuit + is cannibalized for use as another service-side introduction + circuit. Bugfix on 0.2.1.7-alpha; fixes bug 4251. + diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 6ed9650fc1..0f5731912d 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -1421,7 +1421,20 @@ rend_service_intro_has_opened(origin_circuit_t *circuit) log_info(LD_CIRC|LD_REND, "We have just finished an introduction " "circuit, but we already have enough. Redefining purpose to " "general; leaving as internal."); + TO_CIRCUIT(circuit)->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + { + rend_data_t *rend_data = circuit->rend_data; + circuit->rend_data = NULL; + rend_data_free(rend_data); + } + { + crypto_pk_env_t *intro_key = circuit->intro_key; + circuit->intro_key = NULL; + crypto_free_pk_env(intro_key); + } + circuit_has_opened(circuit); return; } -- cgit v1.2.3-54-g00ecf