[tor-commits] [obfsproxy/master] Fix a memory leak in obfs2.c:derive_padding_key (and be scrupulous about tearing down everything at shutdown time, too)

[nickm at torproject.org]

commit d4c299eeb58772fa9a76b8195ba8b803988f9938
Author: Zack Weinberg <zackw at panix.com>
Date:   Tue Jul 19 11:08:52 2011 -0700

    Fix a memory leak in obfs2.c:derive_padding_key (and be scrupulous about tearing down everything at shutdown time, too)
---
 src/crypt.c           |    4 ++--
 src/main.c            |   19 +++++++++++++++++--
 src/protocols/obfs2.c |   10 ++--------
 3 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/src/crypt.c b/src/crypt.c
index 98516e6..e338214 100644
--- a/src/crypt.c
+++ b/src/crypt.c
@@ -26,7 +26,7 @@
 #endif
 
 /**
-   Initializes the obfs2 crypto subsystem.
+   Initializes the crypto subsystem.
 */
 int
 initialize_crypto(void)
@@ -58,7 +58,7 @@ initialize_crypto(void)
 }
 
 /**
-   Cleans up the obfs2 crypto subsystem.
+   Cleans up the crypto subsystem.
 */
 void
 cleanup_crypto(void)
diff --git a/src/main.c b/src/main.c
index cf811fa..254be94 100644
--- a/src/main.c
+++ b/src/main.c
@@ -4,6 +4,7 @@
 
 #include "util.h"
 
+#include "crypt.h"
 #include "network.h"
 #include "protocol.h"
 
@@ -14,6 +15,7 @@
 #include <string.h>
 
 #include <event2/event.h>
+#include <event2/dns.h>
 
 /* The character that seperates multiple listeners in the cli */
 #define SEPARATOR "+"
@@ -305,6 +307,12 @@ main(int argc, const char **argv)
   WSAStartup(0x101, &wsaData);
 #endif
 
+  /* Initialize crypto */
+  if (initialize_crypto() < 0) {
+    log_warn("Can't initialize crypto; failing");
+    return 1;
+  }
+
   /* Initialize libevent */
   the_event_base = event_base_new();
   if (!the_event_base) {
@@ -365,14 +373,21 @@ main(int argc, const char **argv)
             "%d survived.",
             n_protocols, actual_protocols,n_listeners);
 
-  /* run the event loop if at least a listener was created. */
+  /* run the event loop if at least one listener was created. */
   if (n_listeners)
     event_base_dispatch(the_event_base);
 
   log_info("Exiting.");
 
-  close_obfsproxy_logfile();
   free_all_listeners();
+  evdns_base_free(get_evdns_base(), 0);
+  event_free(sig_int);
+  event_free(sig_term);
+  event_base_free(the_event_base);
+
+  cleanup_crypto();
+
+  close_obfsproxy_logfile();
   free(protocol_options);
   free(n_options_array);
   free(protocols);
diff --git a/src/protocols/obfs2.c b/src/protocols/obfs2.c
index f17af90..5c9aedc 100644
--- a/src/protocols/obfs2.c
+++ b/src/protocols/obfs2.c
@@ -27,7 +27,6 @@ downcast(struct protocol_t *proto)
 /*
    This function parses 'options' and fills the protocol parameters
    structure 'params'.
-   It then fills the obfs2 vtable and initializes the crypto subsystem.
 
    Returns 0 on success, -1 on fail.
 */
@@ -43,12 +42,6 @@ obfs2_init(int n_options, const char *const *options)
     return NULL;
   }
 
-  if (initialize_crypto() < 0) {
-    log_warn("Can't initialize crypto; failing");
-    free(params);
-    return NULL;
-  }
-
   return params;
 }
 
@@ -219,6 +212,7 @@ derive_padding_key(void *s, const uchar *seed,
     digest_update(c, state->secret_seed, OBFUSCATE_SEED_LENGTH);
   digest_update(c, (uchar*)keytype, strlen(keytype));
   digest_getdigest(c, buf, sizeof(buf));
+  digest_free(c);
 
   if (seed_nonzero(state->secret_seed)) {
     digest_t *d;
@@ -227,13 +221,13 @@ derive_padding_key(void *s, const uchar *seed,
       d = digest_new();
       digest_update(d, buf, sizeof(buf));
       digest_getdigest(d, buf, sizeof(buf));
+      digest_free(d);
     }
   }
 
   cryptstate = crypt_new(buf, 16);
   crypt_set_iv(cryptstate, buf+16, 16);
   memset(buf, 0, 16);
-  digest_free(c);
   return cryptstate;
 }