From ee1d8dc4805e0aabfbda4c8b34e12d2071333a51 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Fri, 28 Dec 2012 22:57:00 -0500 Subject: Fix a leak-on-error case in 0.2.4 spotted by coverity This one hits if the snprintf() fails when we're writing our IPv6 exit policy. It's new in 0.2.4.7-alpha. Part of bug 7816. --- changes/bug7816.024 | 4 ++++ src/or/router.c | 1 + 2 files changed, 5 insertions(+) create mode 100644 changes/bug7816.024 diff --git a/changes/bug7816.024 b/changes/bug7816.024 new file mode 100644 index 000000000..6ed6b7485 --- /dev/null +++ b/changes/bug7816.024 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Avoid leaking IPv6 policy content if we fail to format it into + a router descriptor. Spotted by Coverity. Fixes part of 7816; + bugfix on 0.2.4.7-alpha. diff --git a/src/or/router.c b/src/or/router.c index c7380cb44..e892ce099 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -2190,6 +2190,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router, "ipv6-policy %s\n", p6); if (result<0) { log_warn(LD_BUG,"Descriptor printf of policy ran out of room"); + tor_free(p6); return -1; } written += result; -- cgit v1.2.3