diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2023-05-03 10:22:31 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2023-05-03 10:22:31 +0000 |
| commit | 0c10e015f51c889526fd9374effc9d86597328bb (patch) | |
| tree | 38d273a0315faec7d4aa562d2d866e886402bc0d /usr.sbin | |
| parent | d69e130db20144ec45e56f4aafce7d9915bcbd40 (diff) | |
Fix a use-after-free in filemode
In case the TAL of a self-signed is unavailable, cert would be freed but
we'd still hold a reference to its expired time in expires, so invalidate
that pointer as well.
Found by, initial fix and ok job
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/rpki-client/filemode.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.sbin/rpki-client/filemode.c b/usr.sbin/rpki-client/filemode.c index b2e729c337d..2870662c2c5 100644 --- a/usr.sbin/rpki-client/filemode.c +++ b/usr.sbin/rpki-client/filemode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: filemode.c,v 1.30 2023/04/26 16:32:41 claudio Exp $ */ +/* $OpenBSD: filemode.c,v 1.31 2023/05/03 10:22:30 tb Exp $ */ /* * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -478,6 +478,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) } else { cert_free(cert); cert = NULL; + expires = NULL; status = 0; } } |