[tor-bugs] #29824 [Core Tor/Tor]: CID 1444119 resource leak in BUG case in consdiff.c
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Mar 19 19:55:47 UTC 2019
#29824: CID 1444119 resource leak in BUG case in consdiff.c
------------------------------+------------------------------
Reporter: catalyst | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: coverity
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+------------------------------
{{{
*** CID 1444119: Resource leaks (RESOURCE_LEAK)
/src/feature/dircommon/consdiff.c: 1392 in consensus_diff_apply()
1386 int r1;
1387 char *result = NULL;
1388 memarea_t *area = memarea_new();
1389
1390 r1 = consensus_compute_digest_as_signed(consensus,
consensus_len, &d1);
1391 if (BUG(r1 < 0))
>>> CID 1444119: Resource leaks (RESOURCE_LEAK)
>>> Variable "area" going out of scope leaks the storage it points to.
1392 return NULL; // LCOV_EXCL_LINE
1393
1394 lines1 = smartlist_new();
1395 lines2 = smartlist_new();
1396 if (consensus_split_lines(lines1, consensus, consensus_len,
area) < 0)
1397 goto done;
}}}
This looks to be a leak if there is a `BUG()` condition, and the line is
already marked `LCOV_EXCL_LINE`. Should we mark this as ignored or
something in Coverity, or do we want to put cleanup code under that
`BUG()` condition?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29824>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list