Download raw body.
rpki-client: avoid crash in file mode
Looking at an expired TA cert crashes because ta_parse() frees cert
while expires and notafter still point at members of that struct.
Since expires != NULL, we'll try to cert_print(NULL) and boom.
Index: filemode.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/filemode.c,v
diff -u -p -r1.42 filemode.c
--- filemode.c 20 May 2024 15:51:43 -0000 1.42
+++ filemode.c 6 Jun 2024 05:38:10 -0000
@@ -529,6 +529,11 @@ proc_parser_file(char *file, unsigned ch
if ((tal = find_tal(cert)) != NULL) {
cert = ta_parse(file, cert, tal->pkey, tal->pkeysz);
status = (cert != NULL);
+ if (cert == NULL) {
+ /* avoid dangling pointers */
+ expires = NULL;
+ notafter = NULL;
+ }
if (outformats & FORMAT_JSON)
json_do_string("tal", tal->descr);
else
rpki-client: avoid crash in file mode