diff options
| author | Tomas Mraz <tomas@openssl.org> | 2023-08-16 16:18:59 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2023-08-18 15:06:18 +0200 |
| commit | 2b2eedfdd614e4c5e2104acf44da0bcdd5b90ade (patch) | |
| tree | 87851ea3fd1421dbfa34605eb28c2d5a18010093 /crypto/cmp | |
| parent | 8b940b69457f0dd43496c16afaa01f510f0d8a19 (diff) | |
cmp_genm.c: Remove superfluous store_ctx != 0 check
This really cannot be ever called with NULL store_ctx
and the check confuses Coverity.
Fixes Coverity 1538865
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
Diffstat (limited to 'crypto/cmp')
| -rw-r--r-- | crypto/cmp/cmp_genm.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/cmp/cmp_genm.c b/crypto/cmp/cmp_genm.c index 74ac1d4b05..97a7293db3 100644 --- a/crypto/cmp/cmp_genm.c +++ b/crypto/cmp/cmp_genm.c @@ -180,7 +180,7 @@ int OSSL_CMP_get1_caCerts(OSSL_CMP_CTX *ctx, STACK_OF(X509) **out) static int selfsigned_verify_cb(int ok, X509_STORE_CTX *store_ctx) { - if (ok == 0 && store_ctx != NULL + if (ok == 0 && X509_STORE_CTX_get_error_depth(store_ctx) == 0 && X509_STORE_CTX_get_error(store_ctx) == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) { |