From a6aa5eebd6117e6af68fd3d685d601ce18f24dbb Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 7 Dec 2004 07:48:16 +0000
Subject: [PATCH] Fix some memory leaks and unlikely segfaults

svn:r3103
---
 src/common/tortls.c   | 15 ++++++++-------
 src/or/circuitbuild.c |  1 +
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 647bf26166..420b1963f7 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -338,8 +338,11 @@ tor_tls_context_new(crypto_pk_env_t *identity,
     if (!client_only) {
       if (cert && !SSL_CTX_use_certificate(*ctx,cert))
         goto error;
+      X509_free(cert); /* We just added a reference to cert. */
+      cert=NULL;
       if (idcert && !SSL_CTX_add_extra_chain_cert(*ctx,idcert))
         goto error;
+      idcert=NULL; /* The context now owns the reference to idcert */
     }
     SSL_CTX_set_session_cache_mode(*ctx, SSL_SESS_CACHE_OFF);
     if (isServer && !client_only) {
@@ -350,10 +353,8 @@ tor_tls_context_new(crypto_pk_env_t *identity,
         goto error;
       EVP_PKEY_free(pkey);
       pkey = NULL;
-      if (cert) {
-        if (!SSL_CTX_check_private_key(*ctx))
-          goto error;
-      }
+      if (!SSL_CTX_check_private_key(*ctx))
+        goto error;
     }
     dh = crypto_dh_new();
     SSL_CTX_set_tmp_dh(*ctx, _crypto_dh_env_get_dh(dh));
@@ -393,7 +394,7 @@ tor_tls_context_new(crypto_pk_env_t *identity,
   if (cert)
     X509_free(cert);
   if (idcert)
-    X509_free(cert);
+    X509_free(idcert);
   return -1;
 }
 
@@ -614,12 +615,12 @@ tor_tls_get_peer_cert_nickname(tor_tls *tls, char *buf, size_t buflen)
     log_fn(LOG_WARN, "Peer certificate nickname has illegal characters.");
     goto error;
   }
+  X509_free(cert);
+
   return 0;
  error:
   if (cert)
     X509_free(cert);
-  if (name)
-    X509_NAME_free(name);
   return -1;
 }
 
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index bdd760a377..aa101aff6d 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -118,6 +118,7 @@ circuit_list_path(circuit_t *circ, int verbose)
 
   s = smartlist_join_strings(elements, verbose?" ":",", 0, NULL);
   SMARTLIST_FOREACH(elements, char*, cp, tor_free(cp));
+  smartlist_free(elements);
   return s;
 }
 
-- 
2.11.4.GIT