Coverity spotted this. Bug 7816. Fix on 0.2.3.13-alpha.
@@ -0,0 +1,3 @@
+ o Minor bugfixes (memory leak, controller):
+ - Fix a memory leak during safe-cookie controller authentication.
+ Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.3.13-alpha.
@@ -3099,6 +3099,8 @@ handle_control_authchallenge(control_connection_t *conn, uint32_t len,
"SERVERNONCE=%s\r\n",
server_hash_encoded,
server_nonce_encoded);
+
+ tor_free(client_nonce);
return 0;
}