#19555: Memleak in shared rand state keeping -------------------------------+-------------------------------- Reporter: asn | Owner: Type: defect | Status: new Priority: High | Milestone: Tor: 0.2.9.x-final Component: Core Tor/Tor | Version: Severity: Normal | Keywords: tor-prop250 Actual Points: | Parent ID: Points: 0.2 | Reviewer: Sponsor: SponsorR-must | -------------------------------+-------------------------------- There is a memleak in `disk_state_reset()`:
{{{ /* Reset disk state that is free allocated memory and zeroed the object. */ static void disk_state_reset(void) { config_free_lines(sr_disk_state->Commit); config_free_lines(sr_disk_state->SharedRandValues); config_free_lines(sr_disk_state->ExtraLines); memset(sr_disk_state, 0, sizeof(*sr_disk_state)); sr_disk_state->magic_ = SR_DISK_STATE_MAGIC; sr_disk_state->TorVersion = tor_strdup(get_version()); } }}} See how the `TorVersion` ptr is never freed before being overwritten with a new alloced ptr. This function is called everytime we save the state to disk (which should happen a few times every hour). I think the fix might be as simple as freeing `sr_disk_state->TorVersion` before overwriting the pointer. But we should make sure we don't double free. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19555> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs