summaryrefslogtreecommitdiff
path: root/usr.sbin/rpki-client
diff options
context:
space:
mode:
authorJob Snijders <job@cvs.openbsd.org>2022-11-07 16:23:33 +0000
committerJob Snijders <job@cvs.openbsd.org>2022-11-07 16:23:33 +0000
commit4409fbee63f4672b2134e0c56392576a01ddd7eb (patch)
treeaca4d6211c2e474ceb94c102f68f8c8a18b28017 /usr.sbin/rpki-client
parentd7e5f34109c8ffe1b413be7b5591877d9999616e (diff)
Simplify use of strrchr()
with and OK tb@
Diffstat (limited to 'usr.sbin/rpki-client')
-rw-r--r--usr.sbin/rpki-client/cert.c10
-rw-r--r--usr.sbin/rpki-client/mft.c16
2 files changed, 18 insertions, 8 deletions
diff --git a/usr.sbin/rpki-client/cert.c b/usr.sbin/rpki-client/cert.c
index 92bc54bb34d..2ce5f63e592 100644
--- a/usr.sbin/rpki-client/cert.c
+++ b/usr.sbin/rpki-client/cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cert.c,v 1.95 2022/11/04 12:05:36 tb Exp $ */
+/* $OpenBSD: cert.c,v 1.96 2022/11/07 16:23:32 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2021 Job Snijders <job@openbsd.org>
@@ -475,8 +475,12 @@ sbgp_sia(struct parse *p, X509_EXTENSION *ext)
}
mftfilename = strrchr(p->res->mft, '/');
- if (mftfilename == NULL || !valid_filename(mftfilename + 1,
- strlen(mftfilename) - 1)) {
+ if (mftfilename == NULL) {
+ warnx("%s: SIA: invalid rpkiManifest entry", p->fn);
+ goto out;
+ }
+ mftfilename++;
+ if (!valid_filename(mftfilename, strlen(mftfilename))) {
warnx("%s: SIA: rpkiManifest filename contains invalid "
"characters", p->fn);
goto out;
diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c
index b86775e7705..097ec7a6691 100644
--- a/usr.sbin/rpki-client/mft.c
+++ b/usr.sbin/rpki-client/mft.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mft.c,v 1.77 2022/11/04 09:43:13 job Exp $ */
+/* $OpenBSD: mft.c,v 1.78 2022/11/07 16:23:32 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -392,14 +392,20 @@ mft_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len)
"missing CRL distribution point extension", fn);
goto out;
}
- if ((crlfile = strrchr(crldp, '/')) == NULL ||
- !valid_mft_filename(crlfile + 1, strlen(crlfile + 1)) ||
- rtype_from_file_extension(crlfile + 1) != RTYPE_CRL) {
+ crlfile = strrchr(crldp, '/');
+ if (crlfile == NULL) {
+ warnx("%s: RFC 6487 section 4.8.6: "
+ "invalid CRL distribution point", fn);
+ goto out;
+ }
+ crlfile++;
+ if (!valid_mft_filename(crlfile, strlen(crlfile)) ||
+ rtype_from_file_extension(crlfile) != RTYPE_CRL) {
warnx("%s: RFC 6487 section 4.8.6: CRL: "
"bad CRL distribution point extension", fn);
goto out;
}
- if ((p.res->crl = strdup(crlfile + 1)) == NULL)
+ if ((p.res->crl = strdup(crlfile)) == NULL)
err(1, NULL);
if (mft_parse_econtent(cms, cmsz, &p) == 0)