Google Git
Sign in
boringssl/boringssl.git/61b66ffcc29f28900db4b037865a2206eb62242e^!/.
commit
61b66ffcc29f28900db4b037865a2206eb62242e
[log]
author
David Benjamin <davidben@chromium.org>
Fri Jul 25 03:58:53 2014 -0400
committer
Adam Langley <agl@google.com>
Wed Jul 30 00:34:55 2014 +0000
tree
e81bc8bca59cfcceb475ce170aa5cb71045e11c6
parent
59b3a728dc2dd63bf68dad7863e51c72b1be5441 [diff]
Fix error-handling bugs.

Caught by clang scan-build.

Change-Id: I133d0338fe38172d687c02099d909366a59ee95b
Reviewed-on: https://boringssl-review.googlesource.com/1343
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/rsa/padding.c b/crypto/rsa/padding.c
index c7b088f..b422bb8 100644
--- a/crypto/rsa/padding.c
+++ b/crypto/rsa/padding.c

@@ -474,28 +474,28 @@
   if (db == NULL) {
     OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1,
                       ERR_R_MALLOC_FAILURE);
-    return -1;
+    goto err;
   }
 
   maskedseed = from + 1;
   maskeddb = from + 1 + mdlen;
 
   if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md)) {
-    return -1;
+    goto err;
   }
   for (i = 0; i < mdlen; i++) {
     seed[i] ^= maskedseed[i];
   }
 
   if (PKCS1_MGF1(db, dblen, seed, mdlen, mgf1md)) {
-    return -1;
+    goto err;
   }
   for (i = 0; i < dblen; i++) {
     db[i] ^= maskeddb[i];
   }
 
   if (!EVP_Digest((void *)param, plen, phash, NULL, md, NULL)) {
-    return -1;
+    goto err;
   }
 
   bad = CRYPTO_memcmp(db, phash, mdlen);
@@ -536,6 +536,7 @@
    * which kind of decoding error happened */
   OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1,
                     RSA_R_OAEP_DECODING_ERROR);
+ err:
   if (db != NULL) {
     OPENSSL_free(db);
   }

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 3cf2d81..63b81c3 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c

@@ -181,34 +181,31 @@
 
 	if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
 		return NULL;
+	memset(ret, 0, sizeof(*ret));
 	ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
-	ret->cache=1;
-	ret->get_cert_methods=sk_X509_LOOKUP_new_null();
-	ret->verify=0;
-	ret->verify_cb=0;
+	ret->cache = 1;
+	ret->get_cert_methods = sk_X509_LOOKUP_new_null();
 
 	if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
-		return NULL;
-
-	ret->get_issuer = 0;
-	ret->check_issued = 0;
-	ret->check_revocation = 0;
-	ret->get_crl = 0;
-	ret->check_crl = 0;
-	ret->cert_crl = 0;
-	ret->lookup_certs = 0;
-	ret->lookup_crls = 0;
-	ret->cleanup = 0;
+		goto err;
 
 	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
-		{
-		sk_X509_OBJECT_free(ret->objs);
-		OPENSSL_free(ret);
-		return NULL;
-		}
+		goto err;
 
-	ret->references=1;
+	ret->references = 1;
 	return ret;
+err:
+	if (ret)
+		{
+		if (ret->param)
+			X509_VERIFY_PARAM_free(ret->param);
+		if (ret->get_cert_methods)
+			sk_X509_LOOKUP_free(ret->get_cert_methods);
+		if (ret->objs)
+			sk_X509_OBJECT_free(ret->objs);
+		OPENSSL_free(ret);
+		}
+	return NULL;
 	}
 
 static void cleanup(X509_OBJECT *a)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c26fca9..0acf3d3 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c

@@ -558,7 +558,7 @@
 	return ret;
 
 err:
-	if (ret->ciphers)
+	if (ret && ret->ciphers)
 		sk_SSL_CIPHER_free(ret->ciphers);
 	if (ret)
 		OPENSSL_free(ret);
@@ -586,7 +586,7 @@
 	return ret;
 
 err:
-	if (ret->ciphers)
+	if (ret && ret->ciphers)
 		sk_SSL_CIPHER_free(ret->ciphers);
 	if (ret)
 		OPENSSL_free(ret);