free NULL cleanup Start ensuring all OpenSSL "free" routines allow NULL, and remove any if check before calling them. This gets DH_free, DSA_free, RSA_free Reviewed-by: Matt Caswell <matt@openssl.org>

commit: d64070838ebba86f00fb3755df5d3e65106e1628 [log] [tgz]
author: Rich Salz <rsalz@akamai.com> Tue Mar 24 10:17:37 2015 -0400
committer: Rich Salz <rsalz@akamai.com> Tue Mar 24 23:17:16 2015 -0400
tree: def90b3063d9ebe0f53920604d02b9786216e327
parent: 1300705a47b9c9498b15a384c6c5348adc342e2c [diff]
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index f4b60be..27f03d4 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c

@@ -1380,16 +1380,12 @@
     param = p = (unsigned char *)s->init_msg;
     if (s->session->sess_cert != NULL) {
 #ifndef OPENSSL_NO_RSA
-        if (s->session->sess_cert->peer_rsa_tmp != NULL) {
-            RSA_free(s->session->sess_cert->peer_rsa_tmp);
-            s->session->sess_cert->peer_rsa_tmp = NULL;
-        }
+        RSA_free(s->session->sess_cert->peer_rsa_tmp);
+        s->session->sess_cert->peer_rsa_tmp = NULL;
 #endif
 #ifndef OPENSSL_NO_DH
-        if (s->session->sess_cert->peer_dh_tmp) {
-            DH_free(s->session->sess_cert->peer_dh_tmp);
-            s->session->sess_cert->peer_dh_tmp = NULL;
-        }
+        DH_free(s->session->sess_cert->peer_dh_tmp);
+        s->session->sess_cert->peer_dh_tmp = NULL;
 #endif
 #ifndef OPENSSL_NO_EC
         if (s->session->sess_cert->peer_ecdh_tmp) {
@@ -1955,12 +1951,10 @@
  err:
     EVP_PKEY_free(pkey);
 #ifndef OPENSSL_NO_RSA
-    if (rsa != NULL)
-        RSA_free(rsa);
+    RSA_free(rsa);
 #endif
 #ifndef OPENSSL_NO_DH
-    if (dh != NULL)
-        DH_free(dh);
+    DH_free(dh);
 #endif
 #ifndef OPENSSL_NO_EC
     BN_CTX_free(bn_ctx);

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 6c59824..9893930 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c

@@ -3138,8 +3138,7 @@
     if (s->s3->rrec.comp != NULL)
         OPENSSL_free(s->s3->rrec.comp);
 #ifndef OPENSSL_NO_DH
-    if (s->s3->tmp.dh != NULL)
-        DH_free(s->s3->tmp.dh);
+    DH_free(s->s3->tmp.dh);
 #endif
 #ifndef OPENSSL_NO_EC
     if (s->s3->tmp.ecdh != NULL)
@@ -3181,10 +3180,8 @@
         s->s3->rrec.comp = NULL;
     }
 #ifndef OPENSSL_NO_DH
-    if (s->s3->tmp.dh != NULL) {
-        DH_free(s->s3->tmp.dh);
-        s->s3->tmp.dh = NULL;
-    }
+    DH_free(s->s3->tmp.dh);
+    s->s3->tmp.dh = NULL;
 #endif
 #ifndef OPENSSL_NO_EC
     if (s->s3->tmp.ecdh != NULL) {
@@ -3293,8 +3290,7 @@
                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
                 return (ret);
             }
-            if (s->cert->rsa_tmp != NULL)
-                RSA_free(s->cert->rsa_tmp);
+            RSA_free(s->cert->rsa_tmp);
             s->cert->rsa_tmp = rsa;
             ret = 1;
         }
@@ -3329,8 +3325,7 @@
                     return (ret);
                 }
             }
-            if (s->cert->dh_tmp != NULL)
-                DH_free(s->cert->dh_tmp);
+            DH_free(s->cert->dh_tmp);
             s->cert->dh_tmp = dh;
             ret = 1;
         }
@@ -3766,8 +3761,7 @@
                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB);
                 return (0);
             } else {
-                if (cert->rsa_tmp != NULL)
-                    RSA_free(cert->rsa_tmp);
+                RSA_free(cert->rsa_tmp);
                 cert->rsa_tmp = rsa;
                 return (1);
             }
@@ -3801,8 +3795,7 @@
                     return 0;
                 }
             }
-            if (cert->dh_tmp != NULL)
-                DH_free(cert->dh_tmp);
+            DH_free(cert->dh_tmp);
             cert->dh_tmp = new;
             return 1;
         }

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index a88d211..cbfe7bb 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c

@@ -443,12 +443,10 @@
 #endif
 
 #ifndef OPENSSL_NO_RSA
-    if (c->rsa_tmp)
-        RSA_free(c->rsa_tmp);
+    RSA_free(c->rsa_tmp);
 #endif
 #ifndef OPENSSL_NO_DH
-    if (c->dh_tmp)
-        DH_free(c->dh_tmp);
+    DH_free(c->dh_tmp);
 #endif
 #ifndef OPENSSL_NO_EC
     if (c->ecdh_tmp)
@@ -651,12 +649,10 @@
     }
 
 #ifndef OPENSSL_NO_RSA
-    if (sc->peer_rsa_tmp != NULL)
-        RSA_free(sc->peer_rsa_tmp);
+    RSA_free(sc->peer_rsa_tmp);
 #endif
 #ifndef OPENSSL_NO_DH
-    if (sc->peer_dh_tmp != NULL)
-        DH_free(sc->peer_dh_tmp);
+    DH_free(sc->peer_dh_tmp);
 #endif
 #ifndef OPENSSL_NO_EC
     if (sc->peer_ecdh_tmp != NULL)

diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index cfed40d..25af065 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c

@@ -421,8 +421,7 @@
     if (cctx->ssl)
         rv = SSL_set_tmp_dh(cctx->ssl, dh);
  end:
-    if (dh)
-        DH_free(dh);
+    DH_free(dh);
     if (in)
         BIO_free(in);
     return rv > 0;

diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 457ba86..d244ba3 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c

@@ -2968,10 +2968,8 @@
 
 static void free_tmp_rsa(void)
 {
-    if (rsa_tmp != NULL) {
-        RSA_free(rsa_tmp);
-        rsa_tmp = NULL;
-    }
+    RSA_free(rsa_tmp);
+    rsa_tmp = NULL;
 }
 #endif
commit	d64070838ebba86f00fb3755df5d3e65106e1628	[log] [tgz]
author	Rich Salz <rsalz@akamai.com>	Tue Mar 24 10:17:37 2015 -0400
committer	Rich Salz <rsalz@akamai.com>	Tue Mar 24 23:17:16 2015 -0400
tree	def90b3063d9ebe0f53920604d02b9786216e327
parent	1300705a47b9c9498b15a384c6c5348adc342e2c [diff]