should not size the size until the allocation succeeds, or the free path will
try to deref the null array.
Index: json.c
===================================================================
RCS file: /home/cvs/src/usr.sbin/acme-client/json.c,v
retrieving revision 1.14
diff -u -p -r1.14 json.c
--- json.c 18 Jun 2019 18:50:07 -0000 1.14
+++ json.c 22 Jan 2020 05:37:59 -0000
@@ -459,12 +459,13 @@ json_parse_order(struct jsmnn *n, struct
if ((array = json_getarray(n, "authorizations")) == NULL)
goto err;
- if ((order->authsz = array->fields) > 0) {
+ if (array->fields > 0) {
order->auths = calloc(sizeof(*order->auths), order->authsz);
if (order->auths == NULL) {
warn("malloc");
goto err;
}
+ order->authsz = array->fields;
}
for (i = 0; i < array->fields; i++) {
