From e0e920b1a063f14f36418f8795c96f2c649400e1 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Sat, 11 Apr 2015 16:32:54 -0400 Subject: [PATCH] free NULL cleanup 9 Ongoing work to skip NULL check before calling free routine. This gets: ecp_nistz256_pre_comp_free nistp224_pre_comp_free nistp256_pre_comp_free nistp521_pre_comp_free PKCS7_free PKCS7_RECIP_INFO_free PKCS7_SIGNER_INFO_free sk_PKCS7_pop_free PKCS8_PRIV_KEY_INFO_free PKCS12_free PKCS12_SAFEBAG_free PKCS12_free sk_PKCS12_SAFEBAG_pop_free SSL_CONF_CTX_free SSL_CTX_free SSL_SESSION_free SSL_free ssl_cert_free ssl_sess_cert_free Reviewed-by: Kurt Roeckx --- apps/apps.c | 3 +-- apps/crl2p7.c | 3 +-- apps/pkcs12.c | 7 ++----- apps/pkcs7.c | 3 +-- crypto/ec/ecp_nistp224.c | 3 +-- crypto/ec/ecp_nistp256.c | 3 +-- crypto/ec/ecp_nistp521.c | 3 +-- crypto/ec/ecp_nistz256.c | 3 +-- crypto/pkcs12/p12_crt.c | 25 ++++++------------------- crypto/pkcs12/p12_init.c | 5 ++--- crypto/pkcs7/pk7_lib.c | 15 +++++---------- demos/smime/smdec.c | 6 +----- demos/smime/smenc.c | 7 +------ demos/smime/smsign.c | 6 +----- demos/smime/smsign2.c | 10 +--------- demos/smime/smver.c | 9 +-------- ssl/ssl_lib.c | 25 ++++++++----------------- ssl/ssl_sess.c | 13 ++++--------- test/evp_extra_test.c | 5 +---- test/ssltest.c | 1 - 20 files changed, 40 insertions(+), 115 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 1dcaabf87d..65d4e46d57 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -786,8 +786,7 @@ static int load_pkcs12(BIO *err, BIO *in, const char *desc, } ret = PKCS12_parse(p12, pass, pkey, cert, ca); die: - if (p12) - PKCS12_free(p12); + PKCS12_free(p12); return ret; } diff --git a/apps/crl2p7.c b/apps/crl2p7.c index ab0c3d6d28..86b3a94760 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -270,8 +270,7 @@ int MAIN(int argc, char **argv) end: BIO_free(in); BIO_free_all(out); - if (p7 != NULL) - PKCS7_free(p7); + PKCS7_free(p7); if (crl != NULL) X509_CRL_free(crl); diff --git a/apps/pkcs12.c b/apps/pkcs12.c index a60a055040..43892e5798 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -740,8 +740,7 @@ int MAIN(int argc, char **argv) # endif ret = 0; end: - if (p12) - PKCS12_free(p12); + PKCS12_free(p12); if (export_cert || inrand) app_RAND_write_file(NULL, bio_err); # ifdef CRYPTO_MDEBUG @@ -798,9 +797,7 @@ int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, ret = 1; err: - - if (asafes) - sk_PKCS7_pop_free(asafes, PKCS7_free); + sk_PKCS7_pop_free(asafes, PKCS7_free); return ret; } diff --git a/apps/pkcs7.c b/apps/pkcs7.c index 1b07c022a4..4fcb089b2b 100644 --- a/apps/pkcs7.c +++ b/apps/pkcs7.c @@ -297,8 +297,7 @@ int MAIN(int argc, char **argv) } ret = 0; end: - if (p7 != NULL) - PKCS7_free(p7); + PKCS7_free(p7); BIO_free(in); BIO_free_all(out); apps_shutdown(); diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c index 2f1213f1f7..76adc8a6d1 100644 --- a/crypto/ec/ecp_nistp224.c +++ b/crypto/ec/ecp_nistp224.c @@ -1741,8 +1741,7 @@ int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx) EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); - if (pre) - nistp224_pre_comp_free(pre); + nistp224_pre_comp_free(pre); return ret; } diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c index 9ec034669a..794520e99a 100644 --- a/crypto/ec/ecp_nistp256.c +++ b/crypto/ec/ecp_nistp256.c @@ -2342,8 +2342,7 @@ int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx) EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); - if (pre) - nistp256_pre_comp_free(pre); + nistp256_pre_comp_free(pre); return ret; } diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index c8f9d1e78d..7ceb1bcbfa 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -2125,8 +2125,7 @@ int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx) EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); - if (pre) - nistp521_pre_comp_free(pre); + nistp521_pre_comp_free(pre); return ret; } diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c index ea692b81ef..de9fbea515 100644 --- a/crypto/ec/ecp_nistz256.c +++ b/crypto/ec/ecp_nistz256.c @@ -870,8 +870,7 @@ static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx) err: if (ctx != NULL) BN_CTX_end(ctx); - if (pre_comp) - ecp_nistz256_pre_comp_free(pre_comp); + ecp_nistz256_pre_comp_free(pre_comp); if (precomp_storage) OPENSSL_free(precomp_storage); EC_POINT_free(P); diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c index 1b2e889eaf..fcc77cd2fc 100644 --- a/crypto/pkcs12/p12_crt.c +++ b/crypto/pkcs12/p12_crt.c @@ -173,13 +173,9 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, return p12; err: - - if (p12) - PKCS12_free(p12); - if (safes) - sk_PKCS7_pop_free(safes, PKCS7_free); - if (bags) - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + PKCS12_free(p12); + sk_PKCS7_pop_free(safes, PKCS7_free); + sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); return NULL; } @@ -216,10 +212,7 @@ PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert) return bag; err: - - if (bag) - PKCS12_SAFEBAG_free(bag); - + PKCS12_SAFEBAG_free(bag); return NULL; } @@ -252,10 +245,7 @@ PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, return bag; err: - - if (bag) - PKCS12_SAFEBAG_free(bag); - + PKCS12_SAFEBAG_free(bag); return NULL; } @@ -298,10 +288,7 @@ int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, sk_PKCS7_free(*psafes); *psafes = NULL; } - - if (p7) - PKCS7_free(p7); - + PKCS7_free(p7); return 0; } diff --git a/crypto/pkcs12/p12_init.c b/crypto/pkcs12/p12_init.c index 34710e9e69..22fa10e865 100644 --- a/crypto/pkcs12/p12_init.c +++ b/crypto/pkcs12/p12_init.c @@ -83,10 +83,9 @@ PKCS12 *PKCS12_init(int mode) PKCS12err(PKCS12_F_PKCS12_INIT, PKCS12_R_UNSUPPORTED_PKCS12_MODE); goto err; } - return pkcs12; + err: - if (pkcs12 != NULL) - PKCS12_free(pkcs12); + PKCS12_free(pkcs12); return NULL; } diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index 956f3f22e7..e14d8c6c3c 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -121,8 +121,7 @@ int PKCS7_content_new(PKCS7 *p7, int type) return (1); err: - if (ret != NULL) - PKCS7_free(ret); + PKCS7_free(ret); return (0); } @@ -133,13 +132,11 @@ int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) i = OBJ_obj2nid(p7->type); switch (i) { case NID_pkcs7_signed: - if (p7->d.sign->contents != NULL) - PKCS7_free(p7->d.sign->contents); + PKCS7_free(p7->d.sign->contents); p7->d.sign->contents = p7_data; break; case NID_pkcs7_digest: - if (p7->d.digest->contents != NULL) - PKCS7_free(p7->d.digest->contents); + PKCS7_free(p7->d.digest->contents); p7->d.digest->contents = p7_data; break; case NID_pkcs7_data: @@ -422,8 +419,7 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, goto err; return (si); err: - if (si) - PKCS7_SIGNER_INFO_free(si); + PKCS7_SIGNER_INFO_free(si); return (NULL); } @@ -484,8 +480,7 @@ PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) goto err; return ri; err: - if (ri) - PKCS7_RECIP_INFO_free(ri); + PKCS7_RECIP_INFO_free(ri); return NULL; } diff --git a/demos/smime/smdec.c b/demos/smime/smdec.c index a418707b6b..9752dea1f9 100644 --- a/demos/smime/smdec.c +++ b/demos/smime/smdec.c @@ -53,18 +53,14 @@ int main(int argc, char **argv) ret = 0; err: - if (ret) { fprintf(stderr, "Error Signing Data\n"); ERR_print_errors_fp(stderr); } - - if (p7) - PKCS7_free(p7); + PKCS7_free(p7); if (rcert) X509_free(rcert); EVP_PKEY_free(rkey); - BIO_free(in); BIO_free(out); BIO_free(tbio); diff --git a/demos/smime/smenc.c b/demos/smime/smenc.c index 5a85537ad0..2e594ee89e 100644 --- a/demos/smime/smenc.c +++ b/demos/smime/smenc.c @@ -67,23 +67,18 @@ int main(int argc, char **argv) ret = 0; err: - if (ret) { fprintf(stderr, "Error Encrypting Data\n"); ERR_print_errors_fp(stderr); } - - if (p7) - PKCS7_free(p7); + PKCS7_free(p7); if (rcert) X509_free(rcert); if (recips) sk_X509_pop_free(recips, X509_free); - BIO_free(in); BIO_free(out); BIO_free(tbio); - return ret; } diff --git a/demos/smime/smsign.c b/demos/smime/smsign.c index 455efcb483..91ab8e475d 100644 --- a/demos/smime/smsign.c +++ b/demos/smime/smsign.c @@ -63,18 +63,14 @@ int main(int argc, char **argv) ret = 0; err: - if (ret) { fprintf(stderr, "Error Signing Data\n"); ERR_print_errors_fp(stderr); } - - if (p7) - PKCS7_free(p7); + PKCS7_free(p7); if (scert) X509_free(scert); EVP_PKEY_free(skey); - BIO_free(in); BIO_free(out); BIO_free(tbio); diff --git a/demos/smime/smsign2.c b/demos/smime/smsign2.c index 5f20a40349..0ad709d041 100644 --- a/demos/smime/smsign2.c +++ b/demos/smime/smsign2.c @@ -71,27 +71,19 @@ int main(int argc, char **argv) ret = 0; err: - if (ret) { fprintf(stderr, "Error Signing Data\n"); ERR_print_errors_fp(stderr); } - - if (p7) - PKCS7_free(p7); - + PKCS7_free(p7); if (scert) X509_free(scert); EVP_PKEY_free(skey); - if (scert2) X509_free(scert2); EVP_PKEY_free(skey2); - BIO_free(in); BIO_free(out); BIO_free(tbio); - return ret; - } diff --git a/demos/smime/smver.c b/demos/smime/smver.c index 4088d3c38e..c4b6e751a9 100644 --- a/demos/smime/smver.c +++ b/demos/smime/smver.c @@ -61,22 +61,15 @@ int main(int argc, char **argv) ret = 0; err: - if (ret) { fprintf(stderr, "Error Verifying Data\n"); ERR_print_errors_fp(stderr); } - - if (p7) - PKCS7_free(p7); - + PKCS7_free(p7); if (cacert) X509_free(cacert); - BIO_free(in); BIO_free(out); BIO_free(tbio); - return ret; - } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index cb7bd86e2a..42ee3a918c 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -568,15 +568,13 @@ void SSL_free(SSL *s) ssl_clear_hash_ctx(&s->read_hash); ssl_clear_hash_ctx(&s->write_hash); - if (s->cert != NULL) - ssl_cert_free(s->cert); + ssl_cert_free(s->cert); /* Free up if allocated */ #ifndef OPENSSL_NO_TLSEXT if (s->tlsext_hostname) OPENSSL_free(s->tlsext_hostname); - if (s->initial_ctx) - SSL_CTX_free(s->initial_ctx); + SSL_CTX_free(s->initial_ctx); # ifndef OPENSSL_NO_EC if (s->tlsext_ecpointformatlist) OPENSSL_free(s->tlsext_ecpointformatlist); @@ -601,8 +599,7 @@ void SSL_free(SSL *s) RECORD_LAYER_release(&s->rlayer); - if (s->ctx) - SSL_CTX_free(s->ctx); + SSL_CTX_free(s->ctx); #ifndef OPENSSL_NO_KRB5 if (s->kssl_ctx != NULL) @@ -2011,8 +2008,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) err: SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE); err2: - if (ret != NULL) - SSL_CTX_free(ret); + SSL_CTX_free(ret); return (NULL); } @@ -2062,8 +2058,7 @@ void SSL_CTX_free(SSL_CTX *a) sk_SSL_CIPHER_free(a->cipher_list); if (a->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(a->cipher_list_by_id); - if (a->cert != NULL) - ssl_cert_free(a->cert); + ssl_cert_free(a->cert); if (a->client_CA != NULL) sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free); if (a->extra_certs != NULL) @@ -2776,9 +2771,7 @@ SSL *SSL_dup(SSL *s) ret->method->ssl_new(ret); if (s->cert != NULL) { - if (ret->cert != NULL) { - ssl_cert_free(ret->cert); - } + ssl_cert_free(ret->cert); ret->cert = ssl_cert_dup(s->cert); if (ret->cert == NULL) goto err; @@ -2862,8 +2855,7 @@ SSL *SSL_dup(SSL *s) if (0) { err: - if (ret != NULL) - SSL_free(ret); + SSL_free(ret); ret = NULL; } return (ret); @@ -3092,8 +3084,7 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) } CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); - if (ssl->ctx != NULL) - SSL_CTX_free(ssl->ctx); /* decrement reference count */ + SSL_CTX_free(ssl->ctx); /* decrement reference count */ ssl->ctx = ctx; return (ssl->ctx); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 24e5d259d4..a213ea90df 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -726,8 +726,7 @@ void SSL_SESSION_free(SSL_SESSION *ss) OPENSSL_cleanse(ss->master_key, sizeof ss->master_key); OPENSSL_cleanse(ss->session_id, sizeof ss->session_id); - if (ss->sess_cert != NULL) - ssl_sess_cert_free(ss->sess_cert); + ssl_sess_cert_free(ss->sess_cert); if (ss->peer != NULL) X509_free(ss->peer); if (ss->ciphers != NULL) @@ -795,18 +794,14 @@ int SSL_set_session(SSL *s, SSL_SESSION *session) /* CRYPTO_w_lock(CRYPTO_LOCK_SSL); */ CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION); - if (s->session != NULL) - SSL_SESSION_free(s->session); + SSL_SESSION_free(s->session); s->session = session; s->verify_result = s->session->verify_result; /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL); */ ret = 1; } else { - if (s->session != NULL) { - SSL_SESSION_free(s->session); - s->session = NULL; - } - + SSL_SESSION_free(s->session); + s->session = NULL; meth = s->ctx->method; if (meth != s->method) { if (!SSL_set_ssl_method(s, meth)) diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 567ed0f5f9..5641d98fee 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -410,10 +410,7 @@ static int test_EVP_PKCS82PKEY(void) ret = 1; done: - if (p8inf != NULL) { - PKCS8_PRIV_KEY_INFO_free(p8inf); - } - + PKCS8_PRIV_KEY_INFO_free(p8inf); EVP_PKEY_free(pkey); return ret; diff --git a/test/ssltest.c b/test/ssltest.c index 6ad63427ad..25bec77031 100644 --- a/test/ssltest.c +++ b/test/ssltest.c @@ -1791,7 +1791,6 @@ int main(int argc, char *argv[]) end: SSL_CTX_free(s_ctx); SSL_CTX_free(c_ctx); - SSL_CONF_CTX_free(s_cctx); SSL_CONF_CTX_free(c_cctx); sk_OPENSSL_STRING_free(conf_args);