On Tue, Mar 30, 2021 at 05:30:19PM +0200, Claudio Jeker wrote:
> Found the hard way. http_new() call http_free() if http_resolv() failes.
> http_free() call http_fail() in that case since the state is not
> STATE_DONE. In the main poll loop another http_fail() call is made. This
> results in bad bad things.
Ugh. This is ok if you want to land it separately.
There is also an issue with close(outfd): http_free() closes
conn->outfd, so you get an EBADF here on http_resolv() failure.
http_new() should probably take ownership of outfd and close it on
http_parse_uri() failure.
So I think the entire h == NULL case should go away.
>
> --
> :wq Claudio
>
> Index: http.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/http.c,v
> retrieving revision 1.11
> diff -u -p -r1.11 http.c
> --- http.c 29 Mar 2021 15:37:04 -0000 1.11
> +++ http.c 30 Mar 2021 15:23:20 -0000
> @@ -1198,8 +1198,8 @@ proc_http(char *bind_addr, int fd)
>
> h = http_new(id, uri, mod, outfd);
> if (h == NULL) {
> + /* response sent in http_new -> http_free */
> close(outfd);
> - http_fail(id);
> } else
> for (i = 0; i < MAX_CONNECTIONS; i++) {
> if (http_conns[i] != NULL)
>
