Google Git
Sign in
boringssl/boringssl/f6bd54efbcafcf4625ce99b5f702dc4850b0ca50^!/.
commit
f6bd54efbcafcf4625ce99b5f702dc4850b0ca50
[log]
author
David Benjamin <davidben@google.com>
Tue Feb 16 16:29:07 2021 -0500
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Wed Feb 17 02:01:57 2021 +0000
tree
32a5e97ecef5f256443140dc7d82f9b5e6e571f2
parent
e7c0c9734f5491e62665ea156603209a80fbb235 [diff]
Check for OBJ_nid2obj failures in X509_ATTRIBUTE_create.

While I'm here, rewrite it a bit to align more with our preferred style.
(No assignments in conditions, no need for NULL checks on free
functions.)

See also 64a1b940d2b640e5edf0feae90e81bbb6b4941e7 from upstream.

Change-Id: I99a122343541e89d5950888de2c708cfa3ec45e2
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45686
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/x509/x_attrib.c b/crypto/x509/x_attrib.c
index de8c95c..9d9397c 100644
--- a/crypto/x509/x_attrib.c
+++ b/crypto/x509/x_attrib.c

@@ -85,27 +85,32 @@
 
 X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
 {
-    X509_ATTRIBUTE *ret = NULL;
-    ASN1_TYPE *val = NULL;
+    const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
+    if (obj == NULL) {
+        return NULL;
+    }
 
-    if ((ret = X509_ATTRIBUTE_new()) == NULL)
-        return (NULL);
-    /* TODO(fork): const correctness. */
-    ret->object = (ASN1_OBJECT *)OBJ_nid2obj(nid);
+    X509_ATTRIBUTE *ret = X509_ATTRIBUTE_new();
+    ASN1_TYPE *val = ASN1_TYPE_new();
+    if (ret == NULL || val == NULL) {
+        goto err;
+    }
+
+    /* TODO(fork): const correctness. |ASN1_OBJECT| is messy because static
+     * objects are const but freeable with a no-op |ASN1_OBJECT_free|. */
+    ret->object = (ASN1_OBJECT *)obj;
     ret->single = 0;
-    if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
+    ret->value.set = sk_ASN1_TYPE_new_null();
+    if (ret->value.set == NULL ||
+        !sk_ASN1_TYPE_push(ret->value.set, val)) {
         goto err;
-    if ((val = ASN1_TYPE_new()) == NULL)
-        goto err;
-    if (!sk_ASN1_TYPE_push(ret->value.set, val))
-        goto err;
+    }
 
     ASN1_TYPE_set(val, atrtype, value);
-    return (ret);
+    return ret;
+
  err:
-    if (ret != NULL)
-        X509_ATTRIBUTE_free(ret);
-    if (val != NULL)
-        ASN1_TYPE_free(val);
-    return (NULL);
+    X509_ATTRIBUTE_free(ret);
+    ASN1_TYPE_free(val);
+    return NULL;
 }