From 5139735d6b340891d9b0db1ad36db40422fc6e3e Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Mon, 29 Mar 2021 06:38:35 +0000
Subject: [PATCH] Pull up freeing cms in gbr_parse() after its last use to
 avoid a leak on x509_get_extensions() failure.

Fix suggested by claudio
---
 usr.sbin/rpki-client/gbr.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/usr.sbin/rpki-client/gbr.c b/usr.sbin/rpki-client/gbr.c
index b80f5441acb..b8238de3b62 100644
--- a/usr.sbin/rpki-client/gbr.c
+++ b/usr.sbin/rpki-client/gbr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: gbr.c,v 1.7 2021/03/27 18:12:15 job Exp $ */
+/*	$OpenBSD: gbr.c,v 1.8 2021/03/29 06:38:35 tb Exp $ */
 /*
  * Copyright (c) 2020 Claudio Jeker <claudio@openbsd.org>
  *
@@ -62,6 +62,8 @@ gbr_parse(X509 **x509, const char *fn)
 		err(1, NULL);
 	if ((p.res->vcard = strndup(cms, cmsz)) == NULL)
 		err(1, NULL);
+	free(cms);
+
 	if (!x509_get_extensions(*x509, fn, &p.res->aia, &p.res->aki,
 	    &p.res->ski)) {
 		gbr_free(p.res);
@@ -70,7 +72,6 @@ gbr_parse(X509 **x509, const char *fn)
 		return NULL;
 	}
 
-	free(cms);
 	return p.res;
 }
 
-- 
2.20.1