From a6271a62ac7170d222303971037d6e90ce576007 Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 2 Apr 2021 08:07:47 +0000 Subject: [PATCH] Don't leak the uri of a delta with duplicate serial. ok claudio deraadt --- usr.sbin/rpki-client/rrdp_notification.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/usr.sbin/rpki-client/rrdp_notification.c b/usr.sbin/rpki-client/rrdp_notification.c index 501e5176704..7381e0ee660 100644 --- a/usr.sbin/rpki-client/rrdp_notification.c +++ b/usr.sbin/rpki-client/rrdp_notification.c @@ -62,6 +62,8 @@ struct notification_xml { enum notification_scope scope; }; +static void free_delta(struct delta_item *); + static int add_delta(struct notification_xml *nxml, const char *uri, const char hash[SHA256_DIGEST_LENGTH], long long serial) @@ -85,7 +87,7 @@ add_delta(struct notification_xml *nxml, const char *uri, TAILQ_FOREACH(n, &nxml->delta_q, q) { if (n->serial == serial) { warnx("duplicate delta serial %lld ", serial); - free(d); + free_delta(d); return 0; } if (n->serial > serial) { -- 2.20.1