Certificate stack: Remove bogus x509stack_cancel()

It seems the #58 and #59 problem is a stray defer separator pop.

The comment above x509stack_cancel() clearly states that the function
should only be called shortly after a x509stack_push(), but there's one
in certificate_traverse() that isn't.

Removing this x509stack_cancel() seems to prevent the crash. I'm still
investigating the original intent of this code.

Tentatively f1xes #58 and #59.

diff --git a/src/object/certificate.c b/src/object/certificate.c
index bd856b1c5ba785874e112bfeb0845cad2d10cc8d..54c6b477a5bc7071be672b31fded47fabcf4ee39 100644 (file)
--- a/src/object/certificate.c
+++ b/src/object/certificate.c
@@ -2508,7 +2508,6 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri)
                    x509stack_peek_resources(validation_certstack(state)));
                cert = NULL; /* Ownership stolen at x509stack_push */
                free(ski); /* No need to remember it */
-               x509stack_cancel(validation_certstack(state));
 
                goto revert_refs;
        }