From 5a5a657bcafeba1c44cfd249883e0a619cb64887 Mon Sep 17 00:00:00 2001
From: Alberto Leiva Popper <ydahhrk@gmail.com>
Date: Mon, 11 Oct 2021 16:22:08 -0500
Subject: [PATCH] Certificate stack: Remove bogus x509stack_cancel()

It seems the #58 and #59 problem is a stray defer separator pop.

The comment above x509stack_cancel() clearly states that the function
should only be called shortly after a x509stack_push(), but there's one
in certificate_traverse() that isn't.

Removing this x509stack_cancel() seems to prevent the crash. I'm still
investigating the original intent of this code.

Tentatively f1xes #58 and #59.
---
 src/object/certificate.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/object/certificate.c b/src/object/certificate.c
index bd856b1c..54c6b477 100644
--- a/src/object/certificate.c
+++ b/src/object/certificate.c
@@ -2508,7 +2508,6 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri)
 		    x509stack_peek_resources(validation_certstack(state)));
 		cert = NULL; /* Ownership stolen at x509stack_push */
 		free(ski); /* No need to remember it */
-		x509stack_cancel(validation_certstack(state));
 
 		goto revert_refs;
 	}
-- 
2.47.2