commit 71ba517e0c557d0ae35af7a5f99c8756f336a416 Author: Andrea Shepard <andrea@torproject.org> Date: Mon Oct 8 18:24:04 2012 -0700 Check return value from connection_or_connect() in channel_tls_connect() It's possible for connection_or_connect() to fail and return NULL after it sets tlschan->conn, so not checking leaves a channel hanging around in CHANNEL_STATE_OPENING with a pointer to a freed or_connection_t forever. --- src/or/channeltls.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 8a1b5eb..03792dd 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -129,7 +129,7 @@ channel_tls_connect(const tor_addr_t *addr, uint16_t port, cell_ewma_get_tick(); /* Set up or_connection stuff */ - connection_or_connect(addr, port, id_digest, tlschan); + tlschan->conn = connection_or_connect(addr, port, id_digest, tlschan); /* connection_or_connect() will fill in tlschan->conn */ if (!(tlschan->conn)) { channel_change_state(chan, CHANNEL_STATE_ERROR);