summaryrefslogtreecommitdiff
path: root/usr.sbin/rpki-client
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/rpki-client')
-rw-r--r--usr.sbin/rpki-client/aspa.c13
-rw-r--r--usr.sbin/rpki-client/cert.c20
-rw-r--r--usr.sbin/rpki-client/roa.c15
-rw-r--r--usr.sbin/rpki-client/spl.c10
4 files changed, 37 insertions, 21 deletions
diff --git a/usr.sbin/rpki-client/aspa.c b/usr.sbin/rpki-client/aspa.c
index 6e42be76d19..75c646d237b 100644
--- a/usr.sbin/rpki-client/aspa.c
+++ b/usr.sbin/rpki-client/aspa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: aspa.c,v 1.30 2024/04/08 14:02:13 tb Exp $ */
+/* $OpenBSD: aspa.c,v 1.31 2024/11/05 18:09:16 tb Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
@@ -290,9 +290,14 @@ aspa_read(struct ibuf *b)
io_read_buf(b, &p->expires, sizeof(p->expires));
io_read_buf(b, &p->providersz, sizeof(size_t));
- if ((p->providers = calloc(p->providersz, sizeof(uint32_t))) == NULL)
- err(1, NULL);
- io_read_buf(b, p->providers, p->providersz * sizeof(p->providers[0]));
+
+ if (p->providersz > 0) {
+ if ((p->providers = calloc(p->providersz,
+ sizeof(p->providers[0]))) == NULL)
+ err(1, NULL);
+ io_read_buf(b, p->providers,
+ p->providersz * sizeof(p->providers[0]));
+ }
io_read_str(b, &p->aia);
io_read_str(b, &p->aki);
diff --git a/usr.sbin/rpki-client/cert.c b/usr.sbin/rpki-client/cert.c
index 882d11d38e2..020605ea809 100644
--- a/usr.sbin/rpki-client/cert.c
+++ b/usr.sbin/rpki-client/cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cert.c,v 1.151 2024/10/07 12:19:52 tb Exp $ */
+/* $OpenBSD: cert.c,v 1.152 2024/11/05 18:09:16 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2021 Job Snijders <job@openbsd.org>
@@ -1208,15 +1208,17 @@ cert_read(struct ibuf *b)
io_read_buf(b, &p->ipsz, sizeof(p->ipsz));
io_read_buf(b, &p->asz, sizeof(p->asz));
- p->ips = calloc(p->ipsz, sizeof(struct cert_ip));
- if (p->ips == NULL)
- err(1, NULL);
- io_read_buf(b, p->ips, p->ipsz * sizeof(p->ips[0]));
+ if (p->ipsz > 0) {
+ if ((p->ips = calloc(p->ipsz, sizeof(p->ips[0]))) == NULL)
+ err(1, NULL);
+ io_read_buf(b, p->ips, p->ipsz * sizeof(p->ips[0]));
+ }
- p->as = calloc(p->asz, sizeof(struct cert_as));
- if (p->as == NULL)
- err(1, NULL);
- io_read_buf(b, p->as, p->asz * sizeof(p->as[0]));
+ if (p->asz > 0) {
+ if ((p->as = calloc(p->asz, sizeof(p->as[0]))) == NULL)
+ err(1, NULL);
+ io_read_buf(b, p->as, p->asz * sizeof(p->as[0]));
+ }
io_read_str(b, &p->mft);
io_read_str(b, &p->notify);
diff --git a/usr.sbin/rpki-client/roa.c b/usr.sbin/rpki-client/roa.c
index 3d29e6a598c..cff8115922c 100644
--- a/usr.sbin/rpki-client/roa.c
+++ b/usr.sbin/rpki-client/roa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: roa.c,v 1.78 2024/05/24 12:57:20 tb Exp $ */
+/* $OpenBSD: roa.c,v 1.79 2024/11/05 18:09:16 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -289,6 +289,11 @@ roa_parse(X509 **x509, const char *fn, int talid, const unsigned char *der,
goto out;
}
+ if (cert->ipsz == 0) {
+ warnx("%s: no IP address present", fn);
+ goto out;
+ }
+
/*
* If the ROA isn't valid, we accept it anyway and depend upon
* the code around roa_read() to check the "valid" field itself.
@@ -365,9 +370,11 @@ roa_read(struct ibuf *b)
io_read_buf(b, &p->ipsz, sizeof(p->ipsz));
io_read_buf(b, &p->expires, sizeof(p->expires));
- if ((p->ips = calloc(p->ipsz, sizeof(struct roa_ip))) == NULL)
- err(1, NULL);
- io_read_buf(b, p->ips, p->ipsz * sizeof(p->ips[0]));
+ if (p->ipsz > 0) {
+ if ((p->ips = calloc(p->ipsz, sizeof(p->ips[0]))) == NULL)
+ err(1, NULL);
+ io_read_buf(b, p->ips, p->ipsz * sizeof(p->ips[0]));
+ }
io_read_str(b, &p->aia);
io_read_str(b, &p->aki);
diff --git a/usr.sbin/rpki-client/spl.c b/usr.sbin/rpki-client/spl.c
index 9ab287d496f..a8f0b4a55da 100644
--- a/usr.sbin/rpki-client/spl.c
+++ b/usr.sbin/rpki-client/spl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: spl.c,v 1.3 2024/05/15 14:43:32 claudio Exp $ */
+/* $OpenBSD: spl.c,v 1.4 2024/11/05 18:09:16 tb Exp $ */
/*
* Copyright (c) 2024 Job Snijders <job@fastly.com>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
@@ -373,9 +373,11 @@ spl_read(struct ibuf *b)
io_read_buf(b, &s->pfxsz, sizeof(s->pfxsz));
io_read_buf(b, &s->expires, sizeof(s->expires));
- if ((s->pfxs = calloc(s->pfxsz, sizeof(struct spl_pfx))) == NULL)
- err(1, NULL);
- io_read_buf(b, s->pfxs, s->pfxsz * sizeof(s->pfxs[0]));
+ if (s->pfxs > 0) {
+ if ((s->pfxs = calloc(s->pfxsz, sizeof(s->pfxs[0]))) == NULL)
+ err(1, NULL);
+ io_read_buf(b, s->pfxs, s->pfxsz * sizeof(s->pfxs[0]));
+ }
io_read_str(b, &s->aia);
io_read_str(b, &s->aki);