Google Git
Sign in
boringssl / boringssl.git / 310d3f63f38cf8a82fa9ae5032e343ba5159eb4d^! / .
commit310d3f63f38cf8a82fa9ae5032e343ba5159eb4d[log] [tgz]
authorAdam Langley <agl@google.com>Tue Jul 12 10:39:20 2016 -0700
committerDavid Benjamin <davidben@google.com>Tue Jul 12 17:55:41 2016 +0000
tree18b60b1a10d16a7771c2c7f36bc991d65fa5d307
parent27516f7c9762c2b21ff4add87aa5b7ac41237575 [diff]
Change |EVP_PKEY_up_ref| to return int.

Upstream have added |EVP_PKEY_up_ref|, but their version returns an int.
Having this function with a different signature like that is dangerous
so this change aligns BoringSSL with upstream. Users of this function in
Chromium and internally should already have been updated.

Change-Id: I0a7aeaf1a1ca3b0f0c635e2ee3826aa100b18157
Reviewed-on: https://boringssl-review.googlesource.com/8736
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c
index ee207f9..3b4b05b 100644
--- a/crypto/evp/evp.c
+++ b/crypto/evp/evp.c

@@ -108,9 +108,9 @@
   OPENSSL_free(pkey);
 }
 
-EVP_PKEY *EVP_PKEY_up_ref(EVP_PKEY *pkey) {
+int EVP_PKEY_up_ref(EVP_PKEY *pkey) {
   CRYPTO_refcount_inc(&pkey->references);
-  return pkey;
+  return 1;
 }
 
 int EVP_PKEY_is_opaque(const EVP_PKEY *pkey) {

diff --git a/crypto/evp/evp_ctx.c b/crypto/evp/evp_ctx.c
index f510f6c..f7d4b41 100644
--- a/crypto/evp/evp_ctx.c
+++ b/crypto/evp/evp_ctx.c

@@ -112,7 +112,8 @@
   ret->operation = EVP_PKEY_OP_UNDEFINED;
 
   if (pkey) {
-    ret->pkey = EVP_PKEY_up_ref(pkey);
+    EVP_PKEY_up_ref(pkey);
+    ret->pkey = pkey;
   }
 
   if (pmeth->init) {
@@ -165,14 +166,16 @@
   rctx->operation = pctx->operation;
 
   if (pctx->pkey) {
-    rctx->pkey = EVP_PKEY_up_ref(pctx->pkey);
+    EVP_PKEY_up_ref(pctx->pkey);
+    rctx->pkey = pctx->pkey;
     if (rctx->pkey == NULL) {
       goto err;
     }
   }
 
   if (pctx->peerkey) {
-    rctx->peerkey = EVP_PKEY_up_ref(pctx->peerkey);
+    EVP_PKEY_up_ref(pctx->peerkey);
+    rctx->peerkey = pctx->peerkey;
     if (rctx->peerkey == NULL) {
       goto err;
     }

diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index 23534b2..3d07d66 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c

@@ -141,7 +141,8 @@
     CRYPTO_STATIC_MUTEX_lock_read(&g_pubkey_lock);
     if (key->pkey != NULL) {
         CRYPTO_STATIC_MUTEX_unlock_read(&g_pubkey_lock);
-        return EVP_PKEY_up_ref(key->pkey);
+        EVP_PKEY_up_ref(key->pkey);
+        return key->pkey;
     }
     CRYPTO_STATIC_MUTEX_unlock_read(&g_pubkey_lock);
 
@@ -170,7 +171,8 @@
     }
 
     OPENSSL_free(spki);
-    return EVP_PKEY_up_ref(ret);
+    EVP_PKEY_up_ref(ret);
+    return ret;
 
  error:
     OPENSSL_free(spki);

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 5407407..e4f812a 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h

@@ -89,8 +89,8 @@
  * itself. */
 OPENSSL_EXPORT void EVP_PKEY_free(EVP_PKEY *pkey);
 
-/* EVP_PKEY_up_ref increments the reference count of |pkey| and returns it. */
-OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_up_ref(EVP_PKEY *pkey);
+/* EVP_PKEY_up_ref increments the reference count of |pkey| and returns one. */
+OPENSSL_EXPORT int EVP_PKEY_up_ref(EVP_PKEY *pkey);
 
 /* EVP_PKEY_is_opaque returns one if |pkey| is opaque. Opaque keys are backed by
  * custom implementations which do not expose key material and parameters. It is

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index d61f9f5..dead3ba 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c

@@ -174,7 +174,8 @@
   }
 
   if (cert->privatekey != NULL) {
-    ret->privatekey = EVP_PKEY_up_ref(cert->privatekey);
+    EVP_PKEY_up_ref(cert->privatekey);
+    ret->privatekey = cert->privatekey;
   }
 
   if (cert->chain) {

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index e0cba62..ca52233 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c

@@ -456,8 +456,8 @@
 
   ssl->tlsext_channel_id_enabled = ctx->tlsext_channel_id_enabled;
   if (ctx->tlsext_channel_id_private) {
-    ssl->tlsext_channel_id_private =
-        EVP_PKEY_up_ref(ctx->tlsext_channel_id_private);
+    EVP_PKEY_up_ref(ctx->tlsext_channel_id_private);
+    ssl->tlsext_channel_id_private = ctx->tlsext_channel_id_private;
   }
 
   ssl->signed_cert_timestamps_enabled =
@@ -1834,7 +1834,8 @@
   }
 
   EVP_PKEY_free(ctx->tlsext_channel_id_private);
-  ctx->tlsext_channel_id_private = EVP_PKEY_up_ref(private_key);
+  EVP_PKEY_up_ref(private_key);
+  ctx->tlsext_channel_id_private = private_key;
   ctx->tlsext_channel_id_enabled = 1;
 
   return 1;
@@ -1847,7 +1848,8 @@
   }
 
   EVP_PKEY_free(ssl->tlsext_channel_id_private);
-  ssl->tlsext_channel_id_private = EVP_PKEY_up_ref(private_key);
+  EVP_PKEY_up_ref(private_key);
+  ssl->tlsext_channel_id_private = private_key;
   ssl->tlsext_channel_id_enabled = 1;
 
   return 1;

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index cfa4cda..6dcbcc9 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c

@@ -143,7 +143,8 @@
   }
 
   EVP_PKEY_free(c->privatekey);
-  c->privatekey = EVP_PKEY_up_ref(pkey);
+  EVP_PKEY_up_ref(pkey);
+  c->privatekey = pkey;
 
   return 1;
 }