On Tue, Oct 18, 2022 at 03:25:36PM +0200, Claudio Jeker wrote:
> With rev 1.65 proxy_parse_uri() can assign a pointer to proxyport
> that is part of fullhost and so points to freed memory (once that function
> returns). The fix is to copy the port as well.
>
> This should be a fix for
> https://github.com/rpki-client/rpki-client-portable/issues/74
ugh, sorry about that.
ok tb
> --
> :wq Claudio
>
> Index: http.c
> ===
> RCS file: /cvs/src/usr.sbin/rpki-client/http.c,v
> retrieving revision 1.69
> diff -u -p -r1.69 http.c
> --- http.c20 Sep 2022 08:53:27 - 1.69
> +++ http.c18 Oct 2022 13:15:58 -
> @@ -408,7 +408,8 @@ proxy_parse_uri(char *uri)
>
> if ((proxy.proxyhost = strdup(host)) == NULL)
> err(1, NULL);
> - proxy.proxyport = port;
> + if ((proxy.proxyport = strdup(port)) == NULL)
> + err(1, NULL);
> proxy.proxyauth = cookie;
>
> free(fullhost);
>