Merge remote-tracking branch 'public/bug7816_023'

Conflicts:
	src/common/util.c

changes/bug7816_023

@@ -0,0 +1,7 @@
+  o Minor bugfixes (memory leak, controller):
+    - Fix a memory leak during safe-cookie controller authentication.
+      Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.3.13-alpha.
+
+  o Minor bugfixes (memory leak, HTTPS proxy support):
+    - Fix a memory leak when receiving headers from an HTTPS proxy.
+      Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.1.1-alpha.

changes/bug7816_023_small

@@ -0,0 +1,3 @@
+  o Minor bugfixes:
+    - Fix various places where we leak file descriptors or memory on
+      error cases. Spotted by coverity. Fixes parts of bug 7816.

src/common/log.c

@@ -833,8 +833,10 @@ add_file_log(const log_severity_list_t *severity, const char *filename)
   fd = tor_open_cloexec(filename, O_WRONLY|O_CREAT|O_APPEND, 0644);
   if (fd<0)
     return -1;
-  if (tor_fd_seekend(fd)<0)
+  if (tor_fd_seekend(fd)<0) {
+    close(fd);
     return -1;
+  }
 
   LOCK_LOGS();
   add_stream_log_impl(severity, filename, fd);

src/common/util.c

@@ -2374,8 +2374,10 @@ read_file_to_str(const char *filename, int flags, struct stat *stat_out)
   }
 #endif
 
-  if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING)
+  if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING) {
+    close(fd);
     return NULL;
+  }
 
   string = tor_malloc((size_t)(statbuf.st_size+1));
 

src/or/connection.c

@@ -1058,6 +1058,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
     if (bind(s, listensockaddr, (socklen_t)sizeof(struct sockaddr_un)) == -1) {
       log_warn(LD_NET,"Bind to %s failed: %s.", address,
                tor_socket_strerror(tor_socket_errno(s)));
+      tor_close_socket(s);
       goto err;
     }
 #ifdef HAVE_PWD_H
@@ -1066,9 +1067,11 @@ connection_listener_new(const struct sockaddr *listensockaddr,
       if (pw == NULL) {
         log_warn(LD_NET,"Unable to chown() %s socket: user %s not found.",
                  address, options->User);
+        tor_close_socket(s);
       } else if (chown(address, pw->pw_uid, pw->pw_gid) < 0) {
         log_warn(LD_NET,"Unable to chown() %s socket: %s.",
                  address, strerror(errno));
+        tor_close_socket(s);
         goto err;
       }
     }
@@ -1707,6 +1710,7 @@ connection_read_https_proxy_response(connection_t *conn)
     tor_free(headers);
     return -1;
   }
+  tor_free(headers);
   if (!reason) reason = tor_strdup("[no reason given]");
 
   if (status_code == 200) {

src/or/control.c

@@ -3143,6 +3143,8 @@ handle_control_authchallenge(control_connection_t *conn, uint32_t len,
                            "SERVERNONCE=%s\r\n",
                            server_hash_encoded,
                            server_nonce_encoded);
+
+  tor_free(client_nonce);
   return 0;
 }
 

src/or/geoip.c

@@ -1350,8 +1350,11 @@ load_bridge_stats(time_t now)
 
   fname = get_datadir_fname2("stats", "bridge-stats");
   contents = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
-  if (contents && validate_bridge_stats(contents, now))
+  if (contents && validate_bridge_stats(contents, now)) {
     bridge_stats_extrainfo = contents;
+  } else {
+    tor_free(contents);
+  }
 
   tor_free(fname);
 }