diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-12-28 22:57:00 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-12-28 22:59:32 -0500 |
| commit | ee1d8dc4805e0aabfbda4c8b34e12d2071333a51 (patch) | |
| tree | b860d2af15296729c5dc71e7e2894f35ac5843f4 | |
| parent | 127cb39ffcacbcd99633671e92d299ef53bbac46 (diff) | |
| download | tor-ee1d8dc4805e0aabfbda4c8b34e12d2071333a51.tar tor-ee1d8dc4805e0aabfbda4c8b34e12d2071333a51.tar.gz | |
Fix a leak-on-error case in 0.2.4 spotted by coverity
This one hits if the snprintf() fails when we're writing our IPv6
exit policy. It's new in 0.2.4.7-alpha. Part of bug 7816.
| -rw-r--r-- | changes/bug7816.024 | 4 | ||||
| -rw-r--r-- | src/or/router.c | 1 |
2 files changed, 5 insertions, 0 deletions
diff --git a/changes/bug7816.024 b/changes/bug7816.024 new file mode 100644 index 000000000..6ed6b7485 --- /dev/null +++ b/changes/bug7816.024 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Avoid leaking IPv6 policy content if we fail to format it into + a router descriptor. Spotted by Coverity. Fixes part of 7816; + bugfix on 0.2.4.7-alpha. diff --git a/src/or/router.c b/src/or/router.c index c7380cb44..e892ce099 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -2190,6 +2190,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router, "ipv6-policy %s\n", p6); if (result<0) { log_warn(LD_BUG,"Descriptor printf of policy ran out of room"); + tor_free(p6); return -1; } written += result; |