free NULL cleanup 10

Avoid checking for NULL before calling free functions. This gets ssl.*free: ssl_sess_cert_free ssl_free ssl_excert_free ssl_cert_free SSL_free SSL_SRP_CTX_free SSL_SESSION_free SSL_CTX_free SSL_CTX_SRP_CTX_free SSL_CONF_CTX_free Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-04-11 10:22:36 -04:00 · 2015-04-11 10:22:36 -04:00 · 62adbcee39
commit 62adbcee39
parent e2010b202a
16 changed files with 30 additions and 47 deletions
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@ -223,10 +223,8 @@ int MAIN(int argc, char **argv)
 end:
    if (use_supported && sk)
        sk_SSL_CIPHER_free(sk);
-    if (ctx != NULL)
-        SSL_CTX_free(ctx);
-    if (ssl != NULL)
-        SSL_free(ssl);
+    SSL_CTX_free(ctx);
+    SSL_free(ssl);
    BIO_free_all(STDout);
    apps_shutdown();
    OPENSSL_EXIT(ret);
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@ -1363,8 +1363,7 @@ OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
        BIO_printf(bio_err, "Error querying OCSP responder\n");
 end:
    BIO_free_all(cbio);
-    if (ctx)
-        SSL_CTX_free(ctx);
+    SSL_CTX_free(ctx);
    return resp;
 }

--- a/apps/s_client.c
+++ b/apps/s_client.c
@ -2024,8 +2024,7 @@ int MAIN(int argc, char **argv)
    if (next_proto.data)
        OPENSSL_free(next_proto.data);
 #endif
-    if (ctx != NULL)
-        SSL_CTX_free(ctx);
+    SSL_CTX_free(ctx);
    if (cert)
        X509_free(cert);
    if (crls)
@ -2040,8 +2039,7 @@ int MAIN(int argc, char **argv)
    ssl_excert_free(exc);
    if (ssl_args)
        sk_OPENSSL_STRING_free(ssl_args);
-    if (cctx)
-        SSL_CONF_CTX_free(cctx);
+    SSL_CONF_CTX_free(cctx);
 #ifndef OPENSSL_NO_JPAKE
    if (jpake_secret && psk_key)
        OPENSSL_free(psk_key);
--- a/apps/s_server.c
+++ b/apps/s_server.c
@ -2003,8 +2003,7 @@ int MAIN(int argc, char *argv[])
    print_stats(bio_s_out, ctx);
    ret = 0;
 end:
-    if (ctx != NULL)
-        SSL_CTX_free(ctx);
+    SSL_CTX_free(ctx);
    if (s_cert)
        X509_free(s_cert);
    if (crls)
@ -2031,8 +2030,7 @@ int MAIN(int argc, char *argv[])
        OPENSSL_free(tlscstatp.port);
    if (tlscstatp.path)
        OPENSSL_free(tlscstatp.path);
-    if (ctx2 != NULL)
-        SSL_CTX_free(ctx2);
+    SSL_CTX_free(ctx2);
    if (s_cert2)
        X509_free(s_cert2);
    EVP_PKEY_free(s_key2);
@ -2047,8 +2045,7 @@ int MAIN(int argc, char *argv[])
    ssl_excert_free(exc);
    if (ssl_args)
        sk_OPENSSL_STRING_free(ssl_args);
-    if (cctx)
-        SSL_CONF_CTX_free(cctx);
+    SSL_CONF_CTX_free(cctx);
 #ifndef OPENSSL_NO_JPAKE
    if (jpake_secret && psk_key)
        OPENSSL_free(psk_key);
--- a/apps/s_time.c
+++ b/apps/s_time.c
@ -540,13 +540,10 @@ int MAIN(int argc, char **argv)

    ret = 0;
 end:
-    if (scon != NULL)
-        SSL_free(scon);
+    SSL_free(scon);

-    if (tm_ctx != NULL) {
-        SSL_CTX_free(tm_ctx);
-        tm_ctx = NULL;
-    }
+    SSL_CTX_free(tm_ctx);
+    tm_ctx = NULL;
    apps_shutdown();
    OPENSSL_EXIT(ret);
 }
--- a/demos/bio/sconnect.c
+++ b/demos/bio/sconnect.c
@ -106,8 +106,7 @@ char *argv[];
            ERR_print_errors_fp(stderr);
    }
    BIO_free_all(out);
-    if (ssl_ctx != NULL)
-        SSL_CTX_free(ssl_ctx);
+    SSL_CTX_free(ssl_ctx);
    exit(!ret);
    return (ret);
 }
--- a/demos/easy_tls/easy-tls.c
+++ b/demos/easy_tls/easy-tls.c
@ -804,8 +804,7 @@ SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
 err:
    tls_openssl_errors(err_pref_1, err_pref_2, NULL, apparg);
 err_return:
-    if (ret != NULL)
-        SSL_CTX_free(ret);
+    SSL_CTX_free(ret);
    return NULL;
 }

--- a/doc/ssl/SSL_CONF_CTX_new.pod
+++ b/doc/ssl/SSL_CONF_CTX_new.pod
@ -17,6 +17,7 @@ The function SSL_CONF_CTX_new() allocates and initialises an B<SSL_CONF_CTX>
 structure for use with the SSL_CONF functions.

 The function SSL_CONF_CTX_free() frees up the context B<cctx>.
+If B<cctx> is NULL nothing is done.

 =head1 RETURN VALUES

--- a/doc/ssl/SSL_CTX_free.pod
+++ b/doc/ssl/SSL_CTX_free.pod
@ -20,6 +20,8 @@ It also calls the free()ing procedures for indirectly affected items, if
 applicable: the session cache, the list of ciphers, the list of Client CAs,
 the certificates and keys.

+If B<ctx> is NULL nothing is done.
+
 =head1 WARNINGS

 If a session-remove callback is set (SSL_CTX_sess_set_remove_cb()), this
--- a/doc/ssl/SSL_SESSION_free.pod
+++ b/doc/ssl/SSL_SESSION_free.pod
@ -15,6 +15,7 @@ SSL_SESSION_free - free an allocated SSL_SESSION structure
 SSL_SESSION_free() decrements the reference count of B<session> and removes
 the B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated
 memory, if the reference count has reached 0.
+If B<session> is NULL nothing is done.

 =head1 NOTES

--- a/doc/ssl/SSL_free.pod
+++ b/doc/ssl/SSL_free.pod
@ -15,6 +15,7 @@ SSL_free - free an allocated SSL structure
 SSL_free() decrements the reference count of B<ssl>, and removes the SSL
 structure pointed to by B<ssl> and frees up the allocated memory if the
 reference count has reached 0.
+If B<ssl> is NULL nothing is done.

 =head1 NOTES

--- a/ssl/bio_ssl.c
+++ b/ssl/bio_ssl.c
@ -125,7 +125,7 @@ static int ssl_free(BIO *a)
    if (bs->ssl != NULL)
        SSL_shutdown(bs->ssl);
    if (a->shutdown) {
-        if (a->init && (bs->ssl != NULL))
+        if (a->init)
            SSL_free(bs->ssl);
        a->init = 0;
        a->flags = 0;
@ -416,8 +416,7 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
        break;
    case BIO_CTRL_DUP:
        dbio = (BIO *)ptr;
-        if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
-            SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
+        SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
        ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl);
        ((BIO_SSL *)dbio->ptr)->renegotiate_count =
            ((BIO_SSL *)b->ptr)->renegotiate_count;
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@ -1215,8 +1215,7 @@ int ssl3_get_server_certificate(SSL *s)
    if (sc == NULL)
        goto err;

-    if (s->session->sess_cert)
-        ssl_sess_cert_free(s->session->sess_cert);
+    ssl_sess_cert_free(s->session->sess_cert);
    s->session->sess_cert = sc;

    sc->cert_chain = sk;
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@ -393,8 +393,7 @@ SSL *SSL_new(SSL_CTX *ctx)

    return (s);
 err:
-    if (s != NULL)
-        SSL_free(s);
+    SSL_free(s);
    SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
    return (NULL);
 }
@ -2992,6 +2991,7 @@ int ssl_init_wbio_buffer(SSL *s, int push)

 void ssl_free_wbio_buffer(SSL *s)
 {
+    /* callers ensure s is never null */
    if (s->bbio == NULL)
        return;

--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@ -292,10 +292,8 @@ int ssl_get_new_session(SSL *s, int session)
    else
        ss->timeout = s->session_ctx->session_timeout;

-    if (s->session != NULL) {
-        SSL_SESSION_free(s->session);
-        s->session = NULL;
-    }
+    SSL_SESSION_free(s->session);
+    s->session = NULL;

    if (session) {
        if (s->version == SSL3_VERSION) {
@ -578,8 +576,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,

    s->session_ctx->stats.sess_hit++;

-    if (s->session != NULL)
-        SSL_SESSION_free(s->session);
+    SSL_SESSION_free(s->session);
    s->session = ret;
    s->verify_result = s->session->verify_result;
    return 1;
--- a/test/ssltest.c
+++ b/test/ssltest.c
@ -1789,15 +1789,11 @@ int main(int argc, char *argv[])
    SSL_free(c_ssl);

 end:
-    if (s_ctx != NULL)
-        SSL_CTX_free(s_ctx);
-    if (c_ctx != NULL)
-        SSL_CTX_free(c_ctx);
+    SSL_CTX_free(s_ctx);
+    SSL_CTX_free(c_ctx);

-    if (s_cctx)
-        SSL_CONF_CTX_free(s_cctx);
-    if (c_cctx)
-        SSL_CONF_CTX_free(c_cctx);
+    SSL_CONF_CTX_free(s_cctx);
+    SSL_CONF_CTX_free(c_cctx);
    sk_OPENSSL_STRING_free(conf_args);

    BIO_free(bio_stdout);