commit ec61ae59a5d009a9e80f3bfa9a2aa5f5dfa05551
parent 6e5486b11ac113ab7cf42d167dd5555b5916ddbc
Author: teor <teor2345@gmail.com>
Date: Thu, 25 May 2017 12:30:21 +1000
Stop leaking keypin-rejected routerinfos on directory authorities
When directory authorities reject a router descriptor due to keypinning,
free the router descriptor rather than leaking the memory.
Fixes bug 22370; bugfix on 0.2.7.2-alpha.
Diffstat:
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/changes/bug22370 b/changes/bug22370
@@ -0,0 +1,4 @@
+ o Minor bugfixes (memory handling):
+ - When directory authorities reject a router descriptor due to keypinning,
+ free the router descriptor rather than leaking the memory.
+ Fixes bug 22370; bugfix on 0.2.7.2-alpha.
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
@@ -626,7 +626,11 @@ dirserv_add_multiple_descriptors(const char *desc, uint8_t purpose,
* passed back to the origin of this descriptor, or NULL if there is no such
* message. Use <b>source</b> to produce better log messages.
*
- * Return the status of the operation
+ * If <b>ri</b> is not added to the list of server descriptors, free it.
+ * That means the caller must not access <b>ri</b> after this function
+ * returns, since it might have been freed.
+ *
+ * Return the status of the operation.
*
* This function is only called when fresh descriptors are posted, not when
* we re-load the cache.
@@ -699,6 +703,7 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
"its key did not match an older RSA/Ed25519 keypair",
router_describe(ri), source);
*msg = "Looks like your keypair does not match its older value.";
+ routerinfo_free(ri);
return ROUTER_AUTHDIR_REJECTS;
}
