mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
r17639@catbus: nickm | 2008-01-15 19:09:21 -0500
Fix some hard to trigger but nonetheless real memory leaks spotted by an anonymous contributor. Needs review. Partial backport candidate. svn:r13147
This commit is contained in:
parent
24aae484c9
commit
4a3b7496f0
@ -58,6 +58,12 @@ Changes in version 0.2.0.16-alpha - 2008-01-??
|
||||
but client versions are not.
|
||||
- Fix rare bug on REDIRECTSTREAM control command when called with no
|
||||
port set: it could erroneously report an error when none had happened.
|
||||
- Avoid bogus crash-prone, leak-prone tor_realloc when we're compressing
|
||||
large objects and find ourselves with more than 4k left over. Bugfix
|
||||
on 0.2.0.
|
||||
- Fix a small memory leak when setting up a hidden service.
|
||||
- Fix a few memory leaks that could in theory happen under bizarre error
|
||||
conditions.
|
||||
|
||||
o Minor features (controller):
|
||||
- Get NS events working again. (Patch from tup)
|
||||
|
@ -139,7 +139,7 @@ tor_gzip_compress(char **out, size_t *out_len,
|
||||
*out_len = stream->total_out;
|
||||
if (stream->total_out > out_size + 4097) {
|
||||
/* If we're wasting more than 4k, don't. */
|
||||
tor_realloc(*out, stream->total_out + 1);
|
||||
*out = tor_realloc(*out, stream->total_out + 1);
|
||||
}
|
||||
if (deflateEnd(stream)!=Z_OK) {
|
||||
log_warn(LD_BUG, "Error freeing gzip structures");
|
||||
|
@ -43,7 +43,7 @@ const char tortls_c_id[] =
|
||||
#include <string.h>
|
||||
|
||||
// #define V2_HANDSHAKE_SERVER
|
||||
// #define V2_HANDSHAKE_CLIENT
|
||||
#define V2_HANDSHAKE_CLIENT
|
||||
|
||||
/* Copied from or.h */
|
||||
#define LEGAL_NICKNAME_CHARACTERS \
|
||||
|
@ -1153,6 +1153,8 @@ options_act(or_options_t *old_options)
|
||||
if (parse_redirect_line(sl, cl, &errmsg)<0) {
|
||||
log_warn(LD_CONFIG, "%s", errmsg);
|
||||
tor_free(errmsg);
|
||||
SMARTLIST_FOREACH(sl, exit_redirect_t *, er, tor_free(er));
|
||||
smartlist_free(sl);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
@ -2096,6 +2098,7 @@ list_torrc_options(void)
|
||||
smartlist_clear(lines);
|
||||
}
|
||||
}
|
||||
smartlist_free(lines);
|
||||
}
|
||||
|
||||
/** Last value actually set by resolve_my_address. */
|
||||
|
@ -704,6 +704,7 @@ control_setconf_helper(control_connection_t *conn, uint32_t len, char *body,
|
||||
connection_write_str_to_buf("551 Couldn't parse string\r\n", conn);
|
||||
SMARTLIST_FOREACH(entries, char *, cp, tor_free(cp));
|
||||
smartlist_free(entries);
|
||||
tor_free(key);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
@ -1440,6 +1441,7 @@ getinfo_helper_dir(control_connection_t *control_conn,
|
||||
res = dirserv_get_routerdescs(descs, url, &msg);
|
||||
if (res) {
|
||||
log_warn(LD_CONTROL, "getinfo '%s': %s", question, msg);
|
||||
smartlist_free(descs);
|
||||
return -1;
|
||||
}
|
||||
SMARTLIST_FOREACH(descs, signed_descriptor_t *, sd,
|
||||
|
@ -1796,7 +1796,7 @@ networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
|
||||
time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
|
||||
char *answer;
|
||||
routerlist_t *rl = router_get_routerlist();
|
||||
smartlist_t *statuses = smartlist_create();
|
||||
smartlist_t *statuses;
|
||||
uint8_t purpose = router_purpose_from_string(purpose_string);
|
||||
routerstatus_t rs;
|
||||
int bridge_auth = authdir_mode_bridge(get_options());
|
||||
@ -1807,6 +1807,7 @@ networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
statuses = smartlist_create();
|
||||
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
|
||||
if (ri->cache_info.published_on < cutoff)
|
||||
continue;
|
||||
|
@ -336,14 +336,13 @@ onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
|
||||
len = crypto_dh_compute_secret(handshake_state, handshake_reply, DH_KEY_LEN,
|
||||
key_material, 20+key_out_len);
|
||||
if (len < 0)
|
||||
return -1;
|
||||
goto err;
|
||||
|
||||
if (memcmp(key_material, handshake_reply+DH_KEY_LEN, 20)) {
|
||||
/* H(K) does *not* match. Something fishy. */
|
||||
tor_free(key_material);
|
||||
log_warn(LD_PROTOCOL,"Digest DOES NOT MATCH on onion handshake. "
|
||||
"Bug or attack.");
|
||||
return -1;
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* use the rest of the key material for our shared keys, digests, etc */
|
||||
@ -357,6 +356,9 @@ onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
|
||||
|
||||
tor_free(key_material);
|
||||
return 0;
|
||||
err:
|
||||
tor_free(key_material);
|
||||
return -1;
|
||||
}
|
||||
|
||||
/** Implement the server side of the CREATE_FAST abbreviated handshake. The
|
||||
@ -429,6 +431,7 @@ fast_client_handshake(const char *handshake_state, /* DIGEST_LEN bytes */
|
||||
/* H(K) does *not* match. Something fishy. */
|
||||
log_warn(LD_PROTOCOL,"Digest DOES NOT MATCH on fast handshake. "
|
||||
"Bug or attack.");
|
||||
tor_free(out);
|
||||
return -1;
|
||||
}
|
||||
memcpy(key_out, out+DIGEST_LEN, key_out_len);
|
||||
|
@ -284,6 +284,7 @@ rend_config_services(or_options_t *options, int validate_only)
|
||||
log_warn(LD_CONFIG,
|
||||
"Got multiple HiddenServiceNodes lines for a single "
|
||||
"service.");
|
||||
rend_service_free(service);
|
||||
return -1;
|
||||
}
|
||||
service->intro_prefer_nodes = tor_strdup(line->value);
|
||||
@ -292,6 +293,7 @@ rend_config_services(or_options_t *options, int validate_only)
|
||||
log_warn(LD_CONFIG,
|
||||
"Got multiple HiddenServiceExcludedNodes lines for "
|
||||
"a single service.");
|
||||
rend_service_free(service);
|
||||
return -1;
|
||||
}
|
||||
service->intro_exclude_nodes = tor_strdup(line->value);
|
||||
@ -308,6 +310,9 @@ rend_config_services(or_options_t *options, int validate_only)
|
||||
if (strlen(version_str) != 1 || strspn(version_str, "02") != 1) {
|
||||
log_warn(LD_CONFIG,
|
||||
"HiddenServiceVersion can only be 0 and/or 2.");
|
||||
SMARTLIST_FOREACH(versions, char *, cp, tor_free(cp));
|
||||
smartlist_free(versions);
|
||||
rend_service_free(service);
|
||||
return -1;
|
||||
}
|
||||
version = atoi(version_str);
|
||||
@ -317,6 +322,8 @@ rend_config_services(or_options_t *options, int validate_only)
|
||||
* value; otherwise leave it at -1. */
|
||||
if (versions_bitmask == 1 << 0) service->descriptor_version = 0;
|
||||
if (versions_bitmask == 1 << 2) service->descriptor_version = 2;
|
||||
SMARTLIST_FOREACH(versions, char *, cp, tor_free(cp));
|
||||
smartlist_free(versions);
|
||||
}
|
||||
}
|
||||
if (service) {
|
||||
@ -618,7 +625,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
|
||||
if (len != REND_COOKIE_LEN+DH_KEY_LEN) {
|
||||
log_warn(LD_PROTOCOL, "Bad length %u for INTRODUCE2 cell.", (int)len);
|
||||
reason = END_CIRC_REASON_TORPROTOCOL;
|
||||
return -1;
|
||||
goto err;
|
||||
}
|
||||
|
||||
r_cookie = ptr;
|
||||
|
@ -397,8 +397,10 @@ init_keys(void)
|
||||
if (!server_mode(options)) {
|
||||
if (!(prkey = crypto_new_pk_env()))
|
||||
return -1;
|
||||
if (crypto_pk_generate_key(prkey))
|
||||
if (crypto_pk_generate_key(prkey)) {
|
||||
crypto_free_pk_env(prkey);
|
||||
return -1;
|
||||
}
|
||||
set_identity_key(prkey);
|
||||
/* Create a TLS context; default the client nickname to "client". */
|
||||
if (tor_tls_context_new(get_identity_key(),
|
||||
@ -1302,6 +1304,7 @@ router_rebuild_descriptor(int force)
|
||||
if (extrainfo_dump_to_string(ei->cache_info.signed_descriptor_body, 8192,
|
||||
ei, get_identity_key()) < 0) {
|
||||
log_warn(LD_BUG, "Couldn't generate extra-info descriptor.");
|
||||
extrainfo_free(ei);
|
||||
return -1;
|
||||
}
|
||||
ei->cache_info.signed_descriptor_len =
|
||||
|
@ -961,14 +961,14 @@ router_pick_trusteddirserver_impl(authority_type_t type, int flags)
|
||||
int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
|
||||
int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
|
||||
|
||||
if (!trusted_dir_servers)
|
||||
return NULL;
|
||||
|
||||
direct = smartlist_create();
|
||||
tunnel = smartlist_create();
|
||||
overloaded_direct = smartlist_create();
|
||||
overloaded_tunnel = smartlist_create();
|
||||
|
||||
if (!trusted_dir_servers)
|
||||
return NULL;
|
||||
|
||||
SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
|
||||
{
|
||||
int is_overloaded =
|
||||
@ -2006,8 +2006,10 @@ signed_descriptor_get_body_impl(signed_descriptor_t *desc,
|
||||
tor_assert(r);
|
||||
if (!with_annotations) {
|
||||
if (memcmp("router ", r, 7) && memcmp("extra-info ", r, 11)) {
|
||||
char *cp = tor_strndup(r, 64);
|
||||
log_err(LD_DIR, "descriptor at %p begins with unexpected string %s",
|
||||
desc, tor_strndup(r, 64));
|
||||
desc, escaped(cp));
|
||||
tor_free(cp);
|
||||
}
|
||||
tor_assert(!memcmp("router ", r, 7) || !memcmp("extra-info ", r, 11));
|
||||
}
|
||||
|
@ -789,7 +789,7 @@ find_dir_signing_key(const char *str, const char *eos)
|
||||
}
|
||||
if (tok->tp != K_DIR_SIGNING_KEY) {
|
||||
log_warn(LD_DIR, "Dir-signing-key token did not parse as expected");
|
||||
return NULL;
|
||||
goto done;
|
||||
}
|
||||
|
||||
if (tok->key) {
|
||||
@ -797,10 +797,10 @@ find_dir_signing_key(const char *str, const char *eos)
|
||||
tok->key = NULL; /* steal reference. */
|
||||
} else {
|
||||
log_warn(LD_DIR, "Dir-signing-key token contained no key");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
token_free(tok);
|
||||
done:
|
||||
if (tok) token_free(tok);
|
||||
return key;
|
||||
}
|
||||
|
||||
@ -1090,7 +1090,7 @@ router_parse_entry_from_string(const char *s, const char *end,
|
||||
|
||||
if (router_get_router_hash(s, digest) < 0) {
|
||||
log_warn(LD_DIR, "Couldn't compute router hash.");
|
||||
return NULL;
|
||||
goto err;
|
||||
}
|
||||
{
|
||||
int flags = 0;
|
||||
|
@ -370,6 +370,8 @@ generate_certificate(void)
|
||||
"dir-key-certification\n",
|
||||
address?"\ndir-address ":"", address?address:"",
|
||||
fingerprint, published, expires, ident, signing);
|
||||
tor_free(ident);
|
||||
tor_free(signing);
|
||||
signed_len = strlen(buf);
|
||||
SHA1((const unsigned char*)buf,signed_len,(unsigned char*)digest);
|
||||
|
||||
|
@ -195,6 +195,7 @@ do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
|
||||
if ((len = build_socks_resolve_request(&req, "", hostname, reverse,
|
||||
version))<0) {
|
||||
log_err(LD_BUG,"Error generating SOCKS request");
|
||||
tor_assert(!req);
|
||||
return -1;
|
||||
}
|
||||
if (write_all(s, req, len, 1) != len) {
|
||||
|
Loading…
Reference in New Issue
Block a user