summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2022-11-26 15:45:48 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2022-11-26 15:45:48 +0000
commit8eacf7b1c332fcaa29bef8b33df255735ca4614f (patch)
tree256f3f230d80ff3d0c5bbcd3aeec5ef6e85db0cb /usr.sbin
parent3b89abd14bd0dd68f602ba2f2474b8e67d790854 (diff)
Two small tweaks to the geofeed code
Only allocate b64 when it is needed. This way we can avoid allocating extra memory for the signed data itself. Also, only check for the end signature marker when it is actually expected. It's not forbidden - if stupid - to have a comment '# End Signature:' in the signed data. ok job
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/rpki-client/geofeed.c23
1 files changed, 12 insertions, 11 deletions
diff --git a/usr.sbin/rpki-client/geofeed.c b/usr.sbin/rpki-client/geofeed.c
index b5838919b98..dee17c933d3 100644
--- a/usr.sbin/rpki-client/geofeed.c
+++ b/usr.sbin/rpki-client/geofeed.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: geofeed.c,v 1.1 2022/11/26 12:02:37 job Exp $ */
+/* $OpenBSD: geofeed.c,v 1.2 2022/11/26 15:45:47 tb Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -120,10 +120,6 @@ geofeed_parse(X509 **x509, const char *fn, char *buf, size_t len)
if ((p.res = calloc(1, sizeof(struct geofeed))) == NULL)
err(1, NULL);
- if ((b64 = calloc(1, len)) == NULL)
- err(1, NULL);
- b64sz = len;
-
while ((nl = memchr(buf, '\n', len)) != NULL) {
line = buf;
@@ -148,13 +144,13 @@ geofeed_parse(X509 **x509, const char *fn, char *buf, size_t len)
goto out;
}
- if (strncmp(line, "# End Signature:",
- strlen("# End Signature:")) == 0) {
- end_signature_seen = 1;
- continue;
- }
-
if (rpki_signature_seen) {
+ if (strncmp(line, "# End Signature:",
+ strlen("# End Signature:")) == 0) {
+ end_signature_seen = 1;
+ continue;
+ }
+
if (linelen > 74) {
warnx("%s: line in signature section too long",
fn);
@@ -175,6 +171,11 @@ geofeed_parse(X509 **x509, const char *fn, char *buf, size_t len)
if (strncmp(line, "# RPKI Signature:",
strlen("# RPKI Signature:")) == 0) {
rpki_signature_seen = 1;
+
+ if ((b64 = calloc(1, len)) == NULL)
+ err(1, NULL);
+ b64sz = len;
+
continue;
}