From c1fc30020ea11de120710121f90f3883405c7c6f Mon Sep 17 00:00:00 2001
From: Roland Bracewell Shoemaker <rolandshoemaker@gmail.com>
Date: Mon, 1 Jun 2020 14:32:02 -0700
Subject: [PATCH] Fix bug in how bad-key-revoker resolves contacts (#4833)

admin-revoker uses a dummy registration ID (0) when adding rows to
the blockedKeys table. resolveContacts in bad-key-revoker fails if it
cannot lookup a registration. Don't bother adding the id to the list
of ids to resolve, and add a catch for non-existent registration IDs
to resolveContacts.
---
 cmd/bad-key-revoker/main.go      | 9 +++++++--
 cmd/bad-key-revoker/main_test.go | 2 +-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/cmd/bad-key-revoker/main.go b/cmd/bad-key-revoker/main.go
index c682d473d..1a4c39f52 100644
--- a/cmd/bad-key-revoker/main.go
+++ b/cmd/bad-key-revoker/main.go
@@ -153,6 +153,9 @@ func (bkr *badKeyRevoker) resolveContacts(ids []int64) (map[int64][]string, erro
 		}
 		err := bkr.dbMap.SelectOne(&emails, "SELECT contact FROM registrations WHERE id = ?", id)
 		if err != nil {
+			if db.IsNoRows(err) {
+				continue
+			}
 			return nil, err
 		}
 		if len(emails.Contact) != 0 {
@@ -278,8 +281,10 @@ func (bkr *badKeyRevoker) invoke() (bool, error) {
 	}
 	// if the account that revoked the original certificate isn't an owner of any
 	// extant certificates, still add them to ids so that we can resolve their
-	// email and avoid sending emails later.
-	if _, present := ownedBy[unchecked.RevokedBy]; !present {
+	// email and avoid sending emails later. If RevokedBy == 0 it was a row
+	// inserted by admin-revoker with a dummy ID, since there won't be a registration
+	// to look up, don't bother adding it to ids.
+	if _, present := ownedBy[unchecked.RevokedBy]; !present && unchecked.RevokedBy != 0 {
 		ids = append(ids, unchecked.RevokedBy)
 	}
 	// get contact addresses for the list of IDs
diff --git a/cmd/bad-key-revoker/main_test.go b/cmd/bad-key-revoker/main_test.go
index 0550eb4d3..54c6f810d 100644
--- a/cmd/bad-key-revoker/main_test.go
+++ b/cmd/bad-key-revoker/main_test.go
@@ -182,7 +182,7 @@ func TestResolveContacts(t *testing.T) {
 	regIDC := insertRegistration(t, dbMap, "example.com")
 	regIDD := insertRegistration(t, dbMap, "example-2.com")
 
-	idToEmail, err := bkr.resolveContacts([]int64{regIDA, regIDB, regIDC, regIDD})
+	idToEmail, err := bkr.resolveContacts([]int64{0, regIDA, regIDB, regIDC, regIDD})
 	test.AssertNotError(t, err, "resolveContacts failed")
 	test.AssertDeepEquals(t, idToEmail, map[int64][]string{
 		regIDA: {""},