diff options
author | Rich Salz <rsalz@openssl.org> | 2015-05-01 10:02:07 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-05-01 10:02:07 -0400 |
commit | b548a1f11c06ccdfa4f52a539912d22d77ee309e (patch) | |
tree | 37ff8792ddf09e4805aa3ba76b805923d3c52734 /ssl | |
parent | 33fbca83dcd05b77f807fab205c4523b8cfe85b5 (diff) | |
download | openssl-b548a1f11c06ccdfa4f52a539912d22d77ee309e.tar.gz |
free null cleanup finale
Don't check for NULL before calling OPENSSL_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/bio_ssl.c | 3 | ||||
-rw-r--r-- | ssl/d1_both.c | 9 | ||||
-rw-r--r-- | ssl/record/rec_layer_d1.c | 21 | ||||
-rw-r--r-- | ssl/record/ssl3_buffer.c | 15 | ||||
-rw-r--r-- | ssl/record/ssl3_record.c | 3 | ||||
-rw-r--r-- | ssl/s3_clnt.c | 36 | ||||
-rw-r--r-- | ssl/s3_lib.c | 23 | ||||
-rw-r--r-- | ssl/s3_srvr.c | 15 | ||||
-rw-r--r-- | ssl/ssl_asn1.c | 6 | ||||
-rw-r--r-- | ssl/ssl_ciph.c | 2 | ||||
-rw-r--r-- | ssl/ssl_conf.c | 12 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 18 | ||||
-rw-r--r-- | ssl/ssl_sess.c | 7 | ||||
-rw-r--r-- | ssl/t1_enc.c | 6 | ||||
-rw-r--r-- | ssl/t1_ext.c | 3 | ||||
-rw-r--r-- | ssl/t1_lib.c | 78 |
16 files changed, 86 insertions, 171 deletions
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c index da98ea03d8..284d3ad133 100644 --- a/ssl/bio_ssl.c +++ b/ssl/bio_ssl.c @@ -130,8 +130,7 @@ static int ssl_free(BIO *a) a->init = 0; a->flags = 0; } - if (a->ptr != NULL) - OPENSSL_free(a->ptr); + OPENSSL_free(a->ptr); return (1); } diff --git a/ssl/d1_both.c b/ssl/d1_both.c index 2a76474b98..7b7f8760d1 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -189,8 +189,7 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len, if (reassembly) { bitmask = OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len)); if (bitmask == NULL) { - if (buf != NULL) - OPENSSL_free(buf); + OPENSSL_free(buf); OPENSSL_free(frag); return NULL; } @@ -211,10 +210,8 @@ void dtls1_hm_fragment_free(hm_fragment *frag) EVP_MD_CTX_destroy(frag->msg_header. saved_retransmit_state.write_hash); } - if (frag->fragment) - OPENSSL_free(frag->fragment); - if (frag->reassembly) - OPENSSL_free(frag->reassembly); + OPENSSL_free(frag->fragment); + OPENSSL_free(frag->reassembly); OPENSSL_free(frag); } diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 3183bcf79c..a78f150c34 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -177,27 +177,21 @@ void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl) while ((item = pqueue_pop(d->unprocessed_rcds.q)) != NULL) { rdata = (DTLS1_RECORD_DATA *)item->data; - if (rdata->rbuf.buf) { - OPENSSL_free(rdata->rbuf.buf); - } + OPENSSL_free(rdata->rbuf.buf); OPENSSL_free(item->data); pitem_free(item); } while ((item = pqueue_pop(d->processed_rcds.q)) != NULL) { rdata = (DTLS1_RECORD_DATA *)item->data; - if (rdata->rbuf.buf) { - OPENSSL_free(rdata->rbuf.buf); - } + OPENSSL_free(rdata->rbuf.buf); OPENSSL_free(item->data); pitem_free(item); } while ((item = pqueue_pop(d->buffered_app_data.q)) != NULL) { rdata = (DTLS1_RECORD_DATA *)item->data; - if (rdata->rbuf.buf) { - OPENSSL_free(rdata->rbuf.buf); - } + OPENSSL_free(rdata->rbuf.buf); OPENSSL_free(item->data); pitem_free(item); } @@ -271,8 +265,7 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); item = pitem_new(priority, rdata); if (rdata == NULL || item == NULL) { - if (rdata != NULL) - OPENSSL_free(rdata); + OPENSSL_free(rdata); if (item != NULL) pitem_free(item); @@ -304,8 +297,7 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) if (!ssl3_setup_buffers(s)) { SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR); - if (rdata->rbuf.buf != NULL) - OPENSSL_free(rdata->rbuf.buf); + OPENSSL_free(rdata->rbuf.buf); OPENSSL_free(rdata); pitem_free(item); return (-1); @@ -314,8 +306,7 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) /* insert should not fail, since duplicates are dropped */ if (pqueue_insert(queue->q, item) == NULL) { SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR); - if (rdata->rbuf.buf != NULL) - OPENSSL_free(rdata->rbuf.buf); + OPENSSL_free(rdata->rbuf.buf); OPENSSL_free(rdata); pitem_free(item); return (-1); diff --git a/ssl/record/ssl3_buffer.c b/ssl/record/ssl3_buffer.c index 732420e27b..5a8d34c6fb 100644 --- a/ssl/record/ssl3_buffer.c +++ b/ssl/record/ssl3_buffer.c @@ -122,8 +122,7 @@ void SSL3_BUFFER_set_data(SSL3_BUFFER *b, const unsigned char *d, int n) void SSL3_BUFFER_release(SSL3_BUFFER *b) { - if (b->buf != NULL) - OPENSSL_free(b->buf); + OPENSSL_free(b->buf); b->buf = NULL; } @@ -224,10 +223,8 @@ int ssl3_release_write_buffer(SSL *s) wb = RECORD_LAYER_get_wbuf(&s->rlayer); - if (wb->buf != NULL) { - OPENSSL_free(wb->buf); - wb->buf = NULL; - } + OPENSSL_free(wb->buf); + wb->buf = NULL; return 1; } @@ -236,9 +233,7 @@ int ssl3_release_read_buffer(SSL *s) SSL3_BUFFER *b; b = RECORD_LAYER_get_rbuf(&s->rlayer); - if (b->buf != NULL) { - OPENSSL_free(b->buf); - b->buf = NULL; - } + OPENSSL_free(b->buf); + b->buf = NULL; return 1; } diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 33d0b302f0..1e6f88ea1e 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -139,8 +139,7 @@ void SSL3_RECORD_clear(SSL3_RECORD *r) void SSL3_RECORD_release(SSL3_RECORD *r) { - if (r->comp != NULL) - OPENSSL_free(r->comp); + OPENSSL_free(r->comp); r->comp = NULL; } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 71756cda2e..52ddec1455 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1401,8 +1401,7 @@ int ssl3_get_key_exchange(SSL *s) */ if (alg_k & SSL_kPSK) { s->session->sess_cert = ssl_sess_cert_new(); - if (s->ctx->psk_identity_hint) - OPENSSL_free(s->ctx->psk_identity_hint); + OPENSSL_free(s->ctx->psk_identity_hint); s->ctx->psk_identity_hint = NULL; } #endif @@ -1471,8 +1470,7 @@ int ssl3_get_key_exchange(SSL *s) */ memcpy(tmp_id_hint, p, i); memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i); - if (s->ctx->psk_identity_hint != NULL) - OPENSSL_free(s->ctx->psk_identity_hint); + OPENSSL_free(s->ctx->psk_identity_hint); s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint); if (s->ctx->psk_identity_hint == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; @@ -2054,10 +2052,8 @@ int ssl3_get_certificate_request(SSL *s) /* get the certificate types */ ctype_num = *(p++); - if (s->cert->ctypes) { - OPENSSL_free(s->cert->ctypes); - s->cert->ctypes = NULL; - } + OPENSSL_free(s->cert->ctypes); + s->cert->ctypes = NULL; if (ctype_num > SSL3_CT_NUMBER) { /* If we exceed static buffer copy all to cert structure */ s->cert->ctypes = OPENSSL_malloc(ctype_num); @@ -2193,10 +2189,8 @@ int ssl3_get_new_session_ticket(SSL *s) SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH); goto f_err; } - if (s->session->tlsext_tick) { - OPENSSL_free(s->session->tlsext_tick); - s->session->tlsext_ticklen = 0; - } + OPENSSL_free(s->session->tlsext_tick); + s->session->tlsext_ticklen = 0; s->session->tlsext_tick = OPENSSL_malloc(ticklen); if (!s->session->tlsext_tick) { SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE); @@ -2257,8 +2251,7 @@ int ssl3_get_cert_status(SSL *s) SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); goto f_err; } - if (s->tlsext_ocsp_resp) - OPENSSL_free(s->tlsext_ocsp_resp); + OPENSSL_free(s->tlsext_ocsp_resp); s->tlsext_ocsp_resp = BUF_memdup(p, resplen); if (!s->tlsext_ocsp_resp) { al = SSL_AD_INTERNAL_ERROR; @@ -2786,8 +2779,7 @@ int ssl3_send_client_key_exchange(SSL *s) /* Free allocated memory */ BN_CTX_free(bn_ctx); - if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + OPENSSL_free(encodedPoint); EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); } @@ -2919,8 +2911,7 @@ int ssl3_send_client_key_exchange(SSL *s) ERR_R_INTERNAL_ERROR); goto err; } - if (s->session->srp_username != NULL) - OPENSSL_free(s->session->srp_username); + OPENSSL_free(s->session->srp_username); s->session->srp_username = BUF_strdup(s->srp_ctx.login); if (s->session->srp_username == NULL) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -2985,8 +2976,7 @@ int ssl3_send_client_key_exchange(SSL *s) t += psk_len; s2n(psk_len, t); - if (s->session->psk_identity_hint != NULL) - OPENSSL_free(s->session->psk_identity_hint); + OPENSSL_free(s->session->psk_identity_hint); s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint); if (s->ctx->psk_identity_hint != NULL @@ -2996,8 +2986,7 @@ int ssl3_send_client_key_exchange(SSL *s) goto psk_err; } - if (s->session->psk_identity != NULL) - OPENSSL_free(s->session->psk_identity); + OPENSSL_free(s->session->psk_identity); s->session->psk_identity = BUF_strdup(identity); if (s->session->psk_identity == NULL) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -3090,8 +3079,7 @@ int ssl3_send_client_key_exchange(SSL *s) s->cert->pms = NULL; #ifndef OPENSSL_NO_EC BN_CTX_free(bn_ctx); - if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + OPENSSL_free(encodedPoint); EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); #endif diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 190d0f1b93..16a60c6167 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3187,11 +3187,9 @@ void ssl3_clear(SSL *s) s->version = SSL3_VERSION; #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) - if (s->next_proto_negotiated) { - OPENSSL_free(s->next_proto_negotiated); - s->next_proto_negotiated = NULL; - s->next_proto_negotiated_len = 0; - } + OPENSSL_free(s->next_proto_negotiated); + s->next_proto_negotiated = NULL; + s->next_proto_negotiated_len = 0; #endif } @@ -3331,8 +3329,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) #ifndef OPENSSL_NO_TLSEXT case SSL_CTRL_SET_TLSEXT_HOSTNAME: if (larg == TLSEXT_NAMETYPE_host_name) { - if (s->tlsext_hostname != NULL) - OPENSSL_free(s->tlsext_hostname); + OPENSSL_free(s->tlsext_hostname); s->tlsext_hostname = NULL; ret = 1; @@ -3386,8 +3383,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return s->tlsext_ocsp_resplen; case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: - if (s->tlsext_ocsp_resp) - OPENSSL_free(s->tlsext_ocsp_resp); + OPENSSL_free(s->tlsext_ocsp_resp); s->tlsext_ocsp_resp = parg; s->tlsext_ocsp_resplen = larg; ret = 1; @@ -3833,8 +3829,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) # ifndef OPENSSL_NO_SRP case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: ctx->srp_ctx.srp_Mask |= SSL_kSRP; - if (ctx->srp_ctx.login != NULL) - OPENSSL_free(ctx->srp_ctx.login); + OPENSSL_free(ctx->srp_ctx.login); ctx->srp_ctx.login = NULL; if (parg == NULL) break; @@ -4281,10 +4276,8 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len) { - if (c->ctypes) { - OPENSSL_free(c->ctypes); - c->ctypes = NULL; - } + OPENSSL_free(c->ctypes); + c->ctypes = NULL; if (!p || !len) return 1; if (len > 0xff) diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 77420a1e7a..3e5c57af5e 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -2019,8 +2019,7 @@ int ssl3_send_server_key_exchange(SSL *s) ssl3_send_alert(s, SSL3_AL_FATAL, al); err: #ifndef OPENSSL_NO_EC - if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + OPENSSL_free(encodedPoint); BN_CTX_free(bn_ctx); #endif EVP_MD_CTX_cleanup(&md_ctx); @@ -2763,16 +2762,14 @@ int ssl3_get_client_key_exchange(SSL *s) t += psk_len; s2n(psk_len, t); - if (s->session->psk_identity != NULL) - OPENSSL_free(s->session->psk_identity); + OPENSSL_free(s->session->psk_identity); s->session->psk_identity = BUF_strdup((char *)p); if (s->session->psk_identity == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto psk_err; } - if (s->session->psk_identity_hint != NULL) - OPENSSL_free(s->session->psk_identity_hint); + OPENSSL_free(s->session->psk_identity_hint); s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint); if (s->ctx->psk_identity_hint != NULL && s->session->psk_identity_hint == NULL) { @@ -2821,8 +2818,7 @@ int ssl3_get_client_key_exchange(SSL *s) SSL_R_BAD_SRP_PARAMETERS); goto f_err; } - if (s->session->srp_username != NULL) - OPENSSL_free(s->session->srp_username); + OPENSSL_free(s->session->srp_username); s->session->srp_username = BUF_strdup(s->srp_ctx.login); if (s->session->srp_username == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); @@ -3473,8 +3469,7 @@ int ssl3_send_newsession_ticket(SSL *s) /* SSL3_ST_SW_SESSION_TICKET_B */ return ssl_do_write(s); err: - if (senc) - OPENSSL_free(senc); + OPENSSL_free(senc); EVP_CIPHER_CTX_cleanup(&ctx); HMAC_CTX_cleanup(&hctx); return -1; diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index b6e784924d..2a07a9b596 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -285,10 +285,8 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) static int ssl_session_strndup(char **pdst, ASN1_OCTET_STRING *src) { - if (*pdst) { - OPENSSL_free(*pdst); - *pdst = NULL; - } + OPENSSL_free(*pdst); + *pdst = NULL; if (src == NULL) return 1; *pdst = BUF_strndup((char *)src->data, src->length); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 14decbc149..41af4f663e 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -1560,7 +1560,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK if (ok && (strlen(rule_p) > 0)) ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list, c); - OPENSSL_free((void *)ca_list); /* Not needed anymore */ + OPENSSL_free(ca_list); /* Not needed anymore */ if (!ok) { /* Rule processing failure */ OPENSSL_free(co_list); diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 97b4fb9414..5a19a75dbf 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -380,8 +380,7 @@ static int cmd_Certificate(SSL_CONF_CTX *cctx, const char *value) } if (rv > 0 && c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) { char **pfilename = &cctx->cert_filename[c->key - c->pkeys]; - if (*pfilename) - OPENSSL_free(*pfilename); + OPENSSL_free(*pfilename); *pfilename = BUF_strdup(value); if (!*pfilename) rv = 0; @@ -659,11 +658,9 @@ void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx) if (cctx) { size_t i; for (i = 0; i < SSL_PKEY_NUM; i++) { - if (cctx->cert_filename[i]) - OPENSSL_free(cctx->cert_filename[i]); + OPENSSL_free(cctx->cert_filename[i]); } - if (cctx->prefix) - OPENSSL_free(cctx->prefix); + OPENSSL_free(cctx->prefix); OPENSSL_free(cctx); } } @@ -688,8 +685,7 @@ int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre) if (tmp == NULL) return 0; } - if (cctx->prefix) - OPENSSL_free(cctx->prefix); + OPENSSL_free(cctx->prefix); cctx->prefix = tmp; if (tmp) cctx->prefixlen = strlen(tmp); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 7319cd85df..5b56ac79e3 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -570,22 +570,17 @@ void SSL_free(SSL *s) /* Free up if allocated */ #ifndef OPENSSL_NO_TLSEXT - if (s->tlsext_hostname) - OPENSSL_free(s->tlsext_hostname); + OPENSSL_free(s->tlsext_hostname); SSL_CTX_free(s->initial_ctx); # ifndef OPENSSL_NO_EC - if (s->tlsext_ecpointformatlist) - OPENSSL_free(s->tlsext_ecpointformatlist); - if (s->tlsext_ellipticcurvelist) - OPENSSL_free(s->tlsext_ellipticcurvelist); + OPENSSL_free(s->tlsext_ecpointformatlist); + OPENSSL_free(s->tlsext_ellipticcurvelist); # endif /* OPENSSL_NO_EC */ sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free); if (s->tlsext_ocsp_ids) sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free); - if (s->tlsext_ocsp_resp) - OPENSSL_free(s->tlsext_ocsp_resp); - if (s->alpn_client_proto_list) - OPENSSL_free(s->alpn_client_proto_list); + OPENSSL_free(s->tlsext_ocsp_resp); + OPENSSL_free(s->alpn_client_proto_list); #endif sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free); @@ -603,8 +598,7 @@ void SSL_free(SSL *s) #endif /* OPENSSL_NO_KRB5 */ #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) - if (s->next_proto_negotiated) - OPENSSL_free(s->next_proto_negotiated); + OPENSSL_free(s->next_proto_negotiated); #endif #ifndef OPENSSL_NO_SRTP diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 34b6fac2bc..a376875803 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -931,11 +931,8 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) { if (s->version >= TLS1_VERSION) { - if (s->tlsext_session_ticket) { - OPENSSL_free(s->tlsext_session_ticket); - s->tlsext_session_ticket = NULL; - } - + OPENSSL_free(s->tlsext_session_ticket); + s->tlsext_session_ticket = NULL; s->tlsext_session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); if (!s->tlsext_session_ticket) { diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index edb65582f0..e87d4b3963 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -953,10 +953,8 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE); rv = 0; ret: - if (buff != NULL) - OPENSSL_free(buff); - if (val != NULL) - OPENSSL_free(val); + OPENSSL_free(buff); + OPENSSL_free(val); return (rv); } diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c index ce54f4fa15..193cae886a 100644 --- a/ssl/t1_ext.c +++ b/ssl/t1_ext.c @@ -195,8 +195,7 @@ int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src) void custom_exts_free(custom_ext_methods *exts) { - if (exts->meths) - OPENSSL_free(exts->meths); + OPENSSL_free(exts->meths); } /* Set callbacks for a custom extension. */ diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index b77074a0a5..31ebfdde45 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -209,9 +209,7 @@ int tls1_new(SSL *s) void tls1_free(SSL *s) { #ifndef OPENSSL_NO_TLSEXT - if (s->tlsext_session_ticket) { - OPENSSL_free(s->tlsext_session_ticket); - } + OPENSSL_free(s->tlsext_session_ticket); #endif /* OPENSSL_NO_TLSEXT */ ssl3_free(s); } @@ -576,8 +574,7 @@ int tls1_set_curves(unsigned char **pext, size_t *pextlen, dup_list |= idmask; s2n(id, p); } - if (*pext) - OPENSSL_free(*pext); + OPENSSL_free(*pext); *pext = clist; *pextlen = ncurves * 2; return 1; @@ -1779,8 +1776,7 @@ static int tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data, r = s->ctx->alpn_select_cb(s, &selected, &selected_len, data, data_len, s->ctx->alpn_select_cb_arg); if (r == SSL_TLSEXT_ERR_OK) { - if (s->s3->alpn_selected) - OPENSSL_free(s->s3->alpn_selected); + OPENSSL_free(s->s3->alpn_selected); s->s3->alpn_selected = OPENSSL_malloc(selected_len); if (!s->s3->alpn_selected) { *al = SSL_AD_INTERNAL_ERROR; @@ -1894,10 +1890,8 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, s->s3->next_proto_neg_seen = 0; # endif - if (s->s3->alpn_selected) { - OPENSSL_free(s->s3->alpn_selected); - s->s3->alpn_selected = NULL; - } + OPENSSL_free(s->s3->alpn_selected); + s->s3->alpn_selected = NULL; # ifndef OPENSSL_NO_HEARTBEATS s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED | SSL_TLSEXT_HB_DONT_SEND_REQUESTS); @@ -1909,19 +1903,15 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, # endif /* !OPENSSL_NO_EC */ /* Clear any signature algorithms extension received */ - if (s->cert->peer_sigalgs) { - OPENSSL_free(s->cert->peer_sigalgs); - s->cert->peer_sigalgs = NULL; - } + OPENSSL_free(s->cert->peer_sigalgs); + s->cert->peer_sigalgs = NULL; # ifdef TLSEXT_TYPE_encrypt_then_mac s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC; # endif # ifndef OPENSSL_NO_SRP - if (s->srp_ctx.login != NULL) { - OPENSSL_free(s->srp_ctx.login); - s->srp_ctx.login = NULL; - } + OPENSSL_free(s->srp_ctx.login); + s->srp_ctx.login = NULL; # endif s->srtp_profile = NULL; @@ -2078,10 +2068,8 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, return 0; } if (!s->hit) { - if (s->session->tlsext_ecpointformatlist) { - OPENSSL_free(s->session->tlsext_ecpointformatlist); - s->session->tlsext_ecpointformatlist = NULL; - } + OPENSSL_free(s->session->tlsext_ecpointformatlist); + s->session->tlsext_ecpointformatlist = NULL; s->session->tlsext_ecpointformatlist_length = 0; if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) { @@ -2387,10 +2375,8 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, # endif s->tlsext_ticket_expected = 0; - if (s->s3->alpn_selected) { - OPENSSL_free(s->s3->alpn_selected); - s->s3->alpn_selected = NULL; - } + OPENSSL_free(s->s3->alpn_selected); + s->s3->alpn_selected = NULL; # ifndef OPENSSL_NO_HEARTBEATS s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED | SSL_TLSEXT_HB_DONT_SEND_REQUESTS); @@ -2442,8 +2428,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, } if (!s->hit) { s->session->tlsext_ecpointformatlist_length = 0; - if (s->session->tlsext_ecpointformatlist != NULL) - OPENSSL_free(s->session->tlsext_ecpointformatlist); + OPENSSL_free(s->session->tlsext_ecpointformatlist); if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) { *al = TLS1_AD_INTERNAL_ERROR; @@ -2548,8 +2533,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, *al = TLS1_AD_DECODE_ERROR; return 0; } - if (s->s3->alpn_selected) - OPENSSL_free(s->s3->alpn_selected); + OPENSSL_free(s->s3->alpn_selected); s->s3->alpn_selected = OPENSSL_malloc(len); if (!s->s3->alpn_selected) { *al = TLS1_AD_INTERNAL_ERROR; @@ -2704,11 +2688,9 @@ int tls1_set_server_sigalgs(SSL *s) int al; size_t i; /* Clear any shared sigtnature algorithms */ - if (s->cert->shared_sigalgs) { - OPENSSL_free(s->cert->shared_sigalgs); - s->cert->shared_sigalgs = NULL; - s->cert->shared_sigalgslen = 0; - } + OPENSSL_free(s->cert->shared_sigalgs); + s->cert->shared_sigalgs = NULL; + s->cert->shared_sigalgslen = 0; /* Clear certificate digests and validity flags */ for (i = 0; i < SSL_PKEY_NUM; i++) { s->cert->pkeys[i].digest = NULL; @@ -2860,10 +2842,8 @@ int ssl_check_serverhello_tlsext(SSL *s) * Set resp to NULL, resplen to -1 so callback knows there is no * response. */ - if (s->tlsext_ocsp_resp) { - OPENSSL_free(s->tlsext_ocsp_resp); - s->tlsext_ocsp_resp = NULL; - } + OPENSSL_free(s->tlsext_ocsp_resp); + s->tlsext_ocsp_resp = NULL; s->tlsext_ocsp_resplen = -1; r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); if (r == 0) { @@ -3408,11 +3388,10 @@ static int tls1_set_shared_sigalgs(SSL *s) TLS_SIGALGS *salgs = NULL; CERT *c = s->cert; unsigned int is_suiteb = tls1_suiteb(s); - if (c->shared_sigalgs) { - OPENSSL_free(c->shared_sigalgs); - c->shared_sigalgs = NULL; - c->shared_sigalgslen = 0; - } + + OPENSSL_free(c->shared_sigalgs); + c->shared_sigalgs = NULL; + c->shared_sigalgslen = 0; /* If client use client signature algorithms if not NULL */ if (!s->server && c->client_sigalgs && !is_suiteb) { conf = c->client_sigalgs; @@ -3459,8 +3438,7 @@ int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize) if (!c) return 0; - if (c->peer_sigalgs) - OPENSSL_free(c->peer_sigalgs); + OPENSSL_free(c->peer_sigalgs); c->peer_sigalgs = OPENSSL_malloc(dsize); if (!c->peer_sigalgs) return 0; @@ -3840,13 +3818,11 @@ int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen, } if (client) { - if (c->client_sigalgs) - OPENSSL_free(c->client_sigalgs); + OPENSSL_free(c->client_sigalgs); c->client_sigalgs = sigalgs; c->client_sigalgslen = salglen; } else { - if (c->conf_sigalgs) - OPENSSL_free(c->conf_sigalgs); + OPENSSL_free(c->conf_sigalgs); c->conf_sigalgs = sigalgs; c->conf_sigalgslen = salglen; } |