wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

More updates following review feedback

Browse source 
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3740)
This commit is contained in:
Matt Caswell 2017-08-02 15:29:31 +01:00
parent 638c2dd0ab
commit 888098304b
5 changed files with 8 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
crypto/bio/b_print.c
View file

@ -805,7 +805,7 @@ static int
doapr_outch(char **sbuffer, doapr_outch(char **sbuffer,
char **buffer, size_t *currlen, size_t *maxlen, int c) char **buffer, size_t *currlen, size_t *maxlen, int c)
{ {
/* If we haven't at least one buffer, someone has doe a big booboo */ /* If we haven't at least one buffer, someone has done a big booboo */
if (!ossl_assert(*sbuffer != NULL || buffer != NULL)) if (!ossl_assert(*sbuffer != NULL || buffer != NULL))
return 0; return 0;

2
crypto/kdf/tls1_prf.c
View file

@ -184,7 +184,7 @@ static int tls1_prf_P_hash(const EVP_MD *md,
int ret = 0; int ret = 0;
chunk = EVP_MD_size(md); chunk = EVP_MD_size(md);
if (!ossl_assert(chunk >= 0)) if (!ossl_assert(chunk > 0))
goto err; goto err;
ctx = EVP_MD_CTX_new(); ctx = EVP_MD_CTX_new();

3
crypto/x509/x_x509.c
View file

@ -145,9 +145,6 @@ static int i2d_x509_aux_internal(X509 *a, unsigned char **pp)
int length, tmplen; int length, tmplen;
unsigned char *start = pp != NULL ? *pp : NULL; unsigned char *start = pp != NULL ? *pp : NULL;
if (!ossl_assert(pp == NULL || *pp != NULL))
return -1;
/* /*
* This might perturb *pp on error, but fixing that belongs in i2d_X509() * This might perturb *pp on error, but fixing that belongs in i2d_X509()
* not here. It should be that if a == NULL length is zero, but we check * not here. It should be that if a == NULL length is zero, but we check

21
crypto/x509v3/v3_addr.c
View file

@ -496,8 +496,6 @@ static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr,
for (i = 0; i < sk_IPAddressFamily_num(addr); i++) { for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
f = sk_IPAddressFamily_value(addr, i); f = sk_IPAddressFamily_value(addr, i);
if (!ossl_assert(f->addressFamily->data != NULL))
goto err;
if (f->addressFamily->length == keylen && if (f->addressFamily->length == keylen &&
!memcmp(f->addressFamily->data, key, keylen)) !memcmp(f->addressFamily->data, key, keylen))
return f; return f;
@ -1201,11 +1199,6 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
} else { } else {
i = 0; i = 0;
x = sk_X509_value(chain, i); x = sk_X509_value(chain, i);
if (!ossl_assert(x != NULL)) {
if (ctx != NULL)
ctx->error = X509_V_ERR_UNSPECIFIED;
return 0;
}
if ((ext = x->rfc3779_addr) == NULL) if ((ext = x->rfc3779_addr) == NULL)
goto done; goto done;
} }
@ -1227,11 +1220,6 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
*/ */
for (i++; i < sk_X509_num(chain); i++) { for (i++; i < sk_X509_num(chain); i++) {
x = sk_X509_value(chain, i); x = sk_X509_value(chain, i);
if (!ossl_assert(x != NULL)) {
if (ctx != NULL)
ctx->error = X509_V_ERR_UNSPECIFIED;
return 0;
}
if (!X509v3_addr_is_canonical(x->rfc3779_addr)) if (!X509v3_addr_is_canonical(x->rfc3779_addr))
validation_err(X509_V_ERR_INVALID_EXTENSION); validation_err(X509_V_ERR_INVALID_EXTENSION);
if (x->rfc3779_addr == NULL) { if (x->rfc3779_addr == NULL) {
@ -1275,11 +1263,6 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
/* /*
* Trust anchor can't inherit. * Trust anchor can't inherit.
*/ */
if (!ossl_assert(x != NULL)) {
if (ctx != NULL)
ctx->error = X509_V_ERR_UNSPECIFIED;
return 0;
}
if (x->rfc3779_addr != NULL) { if (x->rfc3779_addr != NULL) {
for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) { for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
IPAddressFamily *fp = IPAddressFamily *fp =
@ -1304,8 +1287,10 @@ int X509v3_addr_validate_path(X509_STORE_CTX *ctx)
{ {
if (ctx->chain == NULL if (ctx->chain == NULL
|| sk_X509_num(ctx->chain) == 0 || sk_X509_num(ctx->chain) == 0
|| ctx->verify_cb == NULL) || ctx->verify_cb == NULL) {
ctx->error = X509_V_ERR_UNSPECIFIED;
return 0; return 0;
}
return addr_validate_path_internal(ctx, ctx->chain, NULL); return addr_validate_path_internal(ctx, ctx->chain, NULL);
} }

9
crypto/x509v3/v3_asid.c
View file

@ -743,11 +743,6 @@ static int asid_validate_path_internal(X509_STORE_CTX *ctx,
} else { } else {
i = 0; i = 0;
x = sk_X509_value(chain, i); x = sk_X509_value(chain, i);
if (!ossl_assert(x != NULL)) {
if (ctx != NULL)
ctx->error = X509_V_ERR_UNSPECIFIED;
return 0;
}
if ((ext = x->rfc3779_asid) == NULL) if ((ext = x->rfc3779_asid) == NULL)
goto done; goto done;
} }
@ -857,8 +852,10 @@ int X509v3_asid_validate_path(X509_STORE_CTX *ctx)
{ {
if (ctx->chain == NULL if (ctx->chain == NULL
|| sk_X509_num(ctx->chain) == 0 || sk_X509_num(ctx->chain) == 0
|| ctx->verify_cb == NULL) || ctx->verify_cb == NULL) {
ctx->error = X509_V_ERR_UNSPECIFIED;
return 0; return 0;
}
return asid_validate_path_internal(ctx, ctx->chain, NULL); return asid_validate_path_internal(ctx, ctx->chain, NULL);
} }