On Thu, Feb 10, 2022 at 07:51:45AM +0100, Theo Buehler wrote:
> At this point conn->last_modified may or may not be allocated.
> If it is, overriting it will leak 30 bytes.
rrdp_input_handler() has a leak of the same kind.
Index: http.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/http.c,v
retrieving revision 1.52
diff -u -p -r1.52 http.c
--- http.c 23 Jan 2022 12:09:24 -0000 1.52
+++ http.c 10 Feb 2022 02:09:38 -0000
@@ -1231,6 +1231,7 @@ http_parse_header(struct http_connection
} else if (strncasecmp(cp, LAST_MODIFIED,
sizeof(LAST_MODIFIED) - 1) == 0) {
cp += sizeof(LAST_MODIFIED) - 1;
+ free(conn->last_modified);
if ((conn->last_modified = strdup(cp)) == NULL)
err(1, NULL);
}
Index: rrdp.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/rrdp.c,v
retrieving revision 1.21
diff -u -p -r1.21 rrdp.c
--- rrdp.c 23 Jan 2022 12:09:24 -0000 1.21
+++ rrdp.c 10 Feb 2022 07:41:54 -0000
@@ -429,6 +429,7 @@ rrdp_input_handler(int fd)
errx(1, "%s: bad internal state", s->local);
s->res = res;
+ free(s->last_mod);
s->last_mod = last_mod;
s->state |= RRDP_STATE_HTTP_DONE;
rrdp_finished(s);