On Tue, Apr 19, 2022 at 08:22:53PM +0200, Theo Buehler wrote: > If the checks involving crlfile fail one way or the other, we'll leak > crldp. Here's one way to fix it. We could also drop the free(crldp) in > the body or add a free to the relevant conditional.
I think it would be better to only have one free(crldp) at the end of the function. The one in the middle where you added crldp = NULL can be removed. This is also fine. OK claudio@ > Index: mft.c > =================================================================== > RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v > retrieving revision 1.58 > diff -u -p -r1.58 mft.c > --- mft.c 19 Apr 2022 09:52:29 -0000 1.58 > +++ mft.c 19 Apr 2022 18:15:49 -0000 > @@ -446,7 +446,7 @@ mft_parse(X509 **x509, const char *fn, c > int rc = 0; > size_t cmsz; > unsigned char *cms; > - char *crldp, *crlfile; > + char *crldp = NULL, *crlfile; > > memset(&p, 0, sizeof(struct parse)); > p.fn = fn; > @@ -489,6 +489,7 @@ mft_parse(X509 **x509, const char *fn, c > if ((p.res->crl = strdup(crlfile + 1)) == NULL) > err(1, NULL); > free(crldp); > + crldp = NULL; > > if (mft_parse_econtent(cms, cmsz, &p) == 0) > goto out; > @@ -501,6 +502,7 @@ out: > X509_free(*x509); > *x509 = NULL; > } > + free(crldp); > free(cms); > return p.res; > } > -- :wq Claudio