circ: Free conflux pending nonce if nonce is untracked

This can happen if we loose track of the nonce and a circuit with it is
repurposed.

Without this, it would lead to a non fatal assert on a control port circuit
event of puporse change.

Related to #41037

Signed-off-by: David Goulet <dgoulet@torproject.org>

diff --git a/changes/ticket41037 b/changes/ticket41037
index c56165ade2040faeaefebf9cca861d9a92484dce..59e91ce62759a4798a5a31f0abf0e73c1e0efcc3 100644 (file)
--- a/changes/ticket41037
+++ b/changes/ticket41037
@@ -1,3 +1,6 @@
   o Minor bugfix (conflux):
     - Avoid a non fatal assert when describing a conflux circuit on the control
       port after being prepped to be freed. Fixes bug 41037; bugfix on 0.4.8.15.
+    - Remove the pending nonce if we realize that the nonce of the unlinked
+      circuit is not tracked anymore. Should avoid the non fatal assert
+      triggered with a control port circuit event.

diff --git a/src/core/or/conflux_pool.c b/src/core/or/conflux_pool.c
index 74781b307a81cc7ba3a6b98ffc1c40350a4adad3..dc8f31556c6714783d97817ae32d63550dcc114c 100644 (file)
--- a/src/core/or/conflux_pool.c
+++ b/src/core/or/conflux_pool.c
@@ -1460,6 +1460,11 @@ unlinked_circuit_closed(circuit_t *circ)
   /* This circuit is part of set that has already been removed previously freed
    * by another leg closing. */
   if (!unlinked) {
+    /* This circuit is not Conflux related anymore regardless of its purpose so
+     * remove the pending nonce so after this function, the circuit is not
+     * considered conflux with CIRCUIT_IS_CONFLUX(). */
+    tor_free(circ->conflux_pending_nonce);
+    circ->conflux_pending_nonce = NULL;
     return;
   }