From 10c123100aeafcd9ffd76326227539a7a2876a58 Mon Sep 17 00:00:00 2001
From: job <job@openbsd.org>
Date: Mon, 15 Jun 2026 14:45:19 +0000
Subject: [PATCH] Add some guardrails to rsync_base_uri() against future
 programmer error

OK tb@
---
 usr.sbin/rpki-client/repo.c  | 6 +++---
 usr.sbin/rpki-client/rsync.c | 4 +++-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/usr.sbin/rpki-client/repo.c b/usr.sbin/rpki-client/repo.c
index 80b81532955..d52672c3b93 100644
--- a/usr.sbin/rpki-client/repo.c
+++ b/usr.sbin/rpki-client/repo.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: repo.c,v 1.83 2026/06/15 14:30:53 job Exp $ */
+/*	$OpenBSD: repo.c,v 1.84 2026/06/15 14:45:19 job Exp $ */
 /*
  * Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -480,7 +480,7 @@ static struct rsyncrepo *
 rsync_get(const char *uri, const char *validdir)
 {
 	struct rsyncrepo *rr;
-	char *repo;
+	char *repo = NULL;
 
 	if (!rsync_base_uri(uri, &repo))
 		errx(1, "bad caRepository URI: %s", uri);
@@ -1225,7 +1225,7 @@ struct repo *
 repo_lookup(int talid, const char *uri, const char *notify)
 {
 	struct repo	*rp;
-	char		*repouri;
+	char		*repouri = NULL;
 
 	if (!rsync_base_uri(uri, &repouri))
 		errx(1, "bad caRepository URI: %s", uri);
diff --git a/usr.sbin/rpki-client/rsync.c b/usr.sbin/rpki-client/rsync.c
index 756e7d0034f..1125cde0f86 100644
--- a/usr.sbin/rpki-client/rsync.c
+++ b/usr.sbin/rpki-client/rsync.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rsync.c,v 1.63 2026/06/15 14:30:53 job Exp $ */
+/*	$OpenBSD: rsync.c,v 1.64 2026/06/15 14:45:19 job Exp $ */
 /*
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -66,6 +66,8 @@ rsync_base_uri(const char *uri, char **out_base_uri)
 {
 	const char *host, *module, *rest;
 
+	assert(out_base_uri == NULL || *out_base_uri == NULL);
+
 	/* Case-insensitive rsync URI. */
 	if (strncasecmp(uri, RSYNC_PROTO, RSYNC_PROTO_LEN) != 0) {
 		warnx("%s: not using rsync schema", uri);