diff options
| author | Rich Salz <rsalz@openssl.org> | 2015-04-30 17:33:59 -0400 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2015-04-30 17:33:59 -0400 |
| commit | 222561fe8ef510f336417a666f69f81ddc9b8fe4 (patch) | |
| tree | 70bc6af70550022bc7b7af45bd3c6d64d7fc2680 /apps | |
| parent | 2ace745022f5af0709297e96eb0b0829c87c4291 (diff) | |
| download | openssl-222561fe8ef510f336417a666f69f81ddc9b8fe4.tar.gz | |
free NULL cleanup 5a
Don't check for NULL before calling a free routine. This gets X509_.*free:
x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free
X509_STORE_free X509_STORE_CTX_free X509_PKEY_free
X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/apps.c | 3 | ||||
| -rw-r--r-- | apps/ca.c | 44 | ||||
| -rw-r--r-- | apps/crl2p7.c | 6 | ||||
| -rw-r--r-- | apps/ocsp.c | 3 | ||||
| -rw-r--r-- | apps/pkcs12.c | 6 | ||||
| -rw-r--r-- | apps/s_cb.c | 15 | ||||
| -rw-r--r-- | apps/s_client.c | 12 | ||||
| -rw-r--r-- | apps/s_server.c | 22 | ||||
| -rw-r--r-- | apps/smime.c | 3 | ||||
| -rw-r--r-- | apps/verify.c | 9 |
10 files changed, 42 insertions, 81 deletions
diff --git a/apps/apps.c b/apps/apps.c index 5eadc72cfd..9475fe3ccd 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -971,8 +971,7 @@ static int load_certs_crls(const char *file, int format, end: - if (xis) - sk_X509_INFO_pop_free(xis, X509_INFO_free); + sk_X509_INFO_pop_free(xis, X509_INFO_free); if (rv == 0) { if (pcerts) { @@ -1349,9 +1349,7 @@ end_of_options: BIO_free_all(Sout); BIO_free_all(out); BIO_free_all(in); - - if (cert_sk) - sk_X509_pop_free(cert_sk, X509_free); + sk_X509_pop_free(cert_sk, X509_free); if (ret) ERR_print_errors(bio_err); @@ -1364,8 +1362,7 @@ end_of_options: if (sigopts) sk_OPENSSL_STRING_free(sigopts); EVP_PKEY_free(pkey); - if (x509) - X509_free(x509); + X509_free(x509); X509_CRL_free(crl); NCONF_free(conf); NCONF_free(extconf); @@ -1440,8 +1437,7 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, ext_copy, selfsign); end: - if (req != NULL) - X509_REQ_free(req); + X509_REQ_free(req); BIO_free(in); return (ok); } @@ -1495,10 +1491,8 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, ext_copy, 0); end: - if (rreq != NULL) - X509_REQ_free(rreq); - if (req != NULL) - X509_free(req); + X509_REQ_free(rreq); + X509_free(req); return (ok); } @@ -1700,8 +1694,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, if (push != NULL) { if (!X509_NAME_add_entry(subject, push, -1, 0)) { - if (push != NULL) - X509_NAME_ENTRY_free(push); + X509_NAME_ENTRY_free(push); BIO_printf(bio_err, "Memory allocation failure\n"); goto end; } @@ -1876,8 +1869,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, /* * Free the current entries if any, there should not be any I believe */ - if (ci->extensions != NULL) - sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free); + sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free); ci->extensions = NULL; @@ -2027,18 +2019,14 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, if (row[i] != NULL) OPENSSL_free(row[i]); - if (CAname != NULL) - X509_NAME_free(CAname); - if (subject != NULL) - X509_NAME_free(subject); - if ((dn_subject != NULL) && !email_dn) + X509_NAME_free(CAname); + X509_NAME_free(subject); + if (dn_subject != subject) X509_NAME_free(dn_subject); ASN1_UTCTIME_free(tmptm); - if (ok <= 0) { - if (ret != NULL) - X509_free(ret); - ret = NULL; - } else + if (ok <= 0) + X509_free(ret); + else *xret = ret; return (ok); } @@ -2186,14 +2174,12 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, verbose, req, ext_sect, lconf, certopt, nameopt, default_op, ext_copy, 0); end: - if (req != NULL) - X509_REQ_free(req); + X509_REQ_free(req); if (parms != NULL) CONF_free(parms); if (spki != NULL) NETSCAPE_SPKI_free(spki); - if (ne != NULL) - X509_NAME_ENTRY_free(ne); + X509_NAME_ENTRY_free(ne); return (ok); } diff --git a/apps/crl2p7.c b/apps/crl2p7.c index d75b6674a5..fb2b085ead 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -215,8 +215,7 @@ int crl2pkcs7_main(int argc, char **argv) BIO_free(in); BIO_free_all(out); PKCS7_free(p7); - if (crl != NULL) - X509_CRL_free(crl); + X509_CRL_free(crl); return (ret); } @@ -267,7 +266,6 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile) end: /* never need to OPENSSL_free x */ BIO_free(in); - if (sk != NULL) - sk_X509_INFO_free(sk); + sk_X509_INFO_free(sk); return (ret); } diff --git a/apps/ocsp.c b/apps/ocsp.c index fb60e3b669..680cc0a79e 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -735,8 +735,7 @@ int ocsp_main(int argc, char **argv) ERR_print_errors(bio_err); X509_free(signer); X509_STORE_free(store); - if (vpm) - X509_VERIFY_PARAM_free(vpm); + X509_VERIFY_PARAM_free(vpm); EVP_PKEY_free(key); EVP_PKEY_free(rkey); X509_free(cert); diff --git a/apps/pkcs12.c b/apps/pkcs12.c index ec7a1d94e1..b4b37305bb 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -504,10 +504,8 @@ int pkcs12_main(int argc, char **argv) export_end: EVP_PKEY_free(key); - if (certs) - sk_X509_pop_free(certs, X509_free); - if (ucert) - X509_free(ucert); + sk_X509_pop_free(certs, X509_free); + X509_free(ucert); goto end; diff --git a/apps/s_cb.c b/apps/s_cb.c index 76aeadbda3..1d026b6514 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -1219,11 +1219,9 @@ void ssl_excert_free(SSL_EXCERT *exc) { SSL_EXCERT *curr; while (exc) { - if (exc->cert) - X509_free(exc->cert); + X509_free(exc->cert); EVP_PKEY_free(exc->key); - if (exc->chain) - sk_X509_pop_free(exc->chain, X509_free); + sk_X509_pop_free(exc->chain, X509_free); curr = exc; exc = exc->next; OPENSSL_free(curr); @@ -1385,8 +1383,7 @@ void print_ssl_summary(SSL *s) BIO_printf(bio_err, "Hash used: %s\n", OBJ_nid2sn(nid)); } else BIO_puts(bio_err, "No peer certificate\n"); - if (peer) - X509_free(peer); + X509_free(peer); #ifndef OPENSSL_NO_EC ssl_print_point_formats(bio_err, s); if (SSL_is_server(s)) @@ -1501,10 +1498,8 @@ int ssl_load_stores(SSL_CTX *ctx, } rv = 1; err: - if (vfy) - X509_STORE_free(vfy); - if (ch) - X509_STORE_free(ch); + X509_STORE_free(vfy); + X509_STORE_free(ch); return rv; } diff --git a/apps/s_client.c b/apps/s_client.c index 9d0d6f0cb4..fdd1f5c5ab 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1998,17 +1998,14 @@ int s_client_main(int argc, char **argv) OPENSSL_free(next_proto.data); #endif SSL_CTX_free(ctx); - if (cert) - X509_free(cert); + X509_free(cert); if (crls) sk_X509_CRL_pop_free(crls, X509_CRL_free); EVP_PKEY_free(key); - if (chain) - sk_X509_pop_free(chain, X509_free); + sk_X509_pop_free(chain, X509_free); if (pass) OPENSSL_free(pass); - if (vpm) - X509_VERIFY_PARAM_free(vpm); + X509_VERIFY_PARAM_free(vpm); ssl_excert_free(exc); sk_OPENSSL_STRING_free(ssl_args); SSL_CONF_CTX_free(cctx); @@ -2197,8 +2194,7 @@ static void print_stuff(BIO *bio, SSL *s, int full) } } BIO_printf(bio, "---\n"); - if (peer != NULL) - X509_free(peer); + X509_free(peer); /* flush, or debugging output gets mixed with http response */ (void)BIO_flush(bio); } diff --git a/apps/s_server.c b/apps/s_server.c index 701f52da63..f8bec24f3e 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1925,24 +1925,18 @@ int s_server_main(int argc, char *argv[]) ret = 0; end: SSL_CTX_free(ctx); - if (s_cert) - X509_free(s_cert); - if (crls) - sk_X509_CRL_pop_free(crls, X509_CRL_free); - if (s_dcert) - X509_free(s_dcert); + X509_free(s_cert); + sk_X509_CRL_pop_free(crls, X509_CRL_free); + X509_free(s_dcert); EVP_PKEY_free(s_key); EVP_PKEY_free(s_dkey); - if (s_chain) - sk_X509_pop_free(s_chain, X509_free); - if (s_dchain) - sk_X509_pop_free(s_dchain, X509_free); + sk_X509_pop_free(s_chain, X509_free); + sk_X509_pop_free(s_dchain, X509_free); if (pass) OPENSSL_free(pass); if (dpass) OPENSSL_free(dpass); - if (vpm) - X509_VERIFY_PARAM_free(vpm); + X509_VERIFY_PARAM_free(vpm); free_sessions(); #ifndef OPENSSL_NO_TLSEXT if (tlscstatp.host) @@ -1951,9 +1945,9 @@ int s_server_main(int argc, char *argv[]) OPENSSL_free(tlscstatp.port); if (tlscstatp.path) OPENSSL_free(tlscstatp.path); + if (ctx2 != NULL) SSL_CTX_free(ctx2); - if (s_cert2) - X509_free(s_cert2); + X509_free(s_cert2); EVP_PKEY_free(s_key2); BIO_free(serverinfo_in); # ifndef OPENSSL_NO_NEXTPROTONEG diff --git a/apps/smime.c b/apps/smime.c index 21e9daa694..0fda865565 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -650,8 +650,7 @@ int smime_main(int argc, char **argv) ERR_print_errors(bio_err); sk_X509_pop_free(encerts, X509_free); sk_X509_pop_free(other, X509_free); - if (vpm) - X509_VERIFY_PARAM_free(vpm); + X509_VERIFY_PARAM_free(vpm); if (sksigners) sk_OPENSSL_STRING_free(sksigners); if (skkeys) diff --git a/apps/verify.c b/apps/verify.c index 1faca9675e..f4e18f0535 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -221,10 +221,8 @@ int verify_main(int argc, char **argv) } end: - if (vpm) - X509_VERIFY_PARAM_free(vpm); - if (store != NULL) - X509_STORE_free(store); + X509_VERIFY_PARAM_free(vpm); + X509_STORE_free(store); sk_X509_pop_free(untrusted, X509_free); sk_X509_pop_free(trusted, X509_free); sk_X509_CRL_pop_free(crls, X509_CRL_free); @@ -283,8 +281,7 @@ static int check(X509_STORE *ctx, char *file, } sk_X509_pop_free(chain, X509_free); } - if (x != NULL) - X509_free(x); + X509_free(x); return (ret); } |