diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-12-23 19:33:03 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-02-04 07:28:11 +0100 |
commit | d53b437f9992f974c1623e9b9b9bdf053aefbcc3 (patch) | |
tree | 12b15a5d0a6e885be5e9118c5b4542c6234039f0 /crypto/ocsp | |
parent | b91a13f429570512bfee290e8ec50096b0667e45 (diff) |
Allow NULL arg to OPENSSL_sk_{dup,deep_copy} returning empty stack
This simplifies many usages
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14040)
Diffstat (limited to 'crypto/ocsp')
-rw-r--r-- | crypto/ocsp/ocsp_vfy.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c index f49f651007..56b9261640 100644 --- a/crypto/ocsp/ocsp_vfy.c +++ b/crypto/ocsp/ocsp_vfy.c @@ -113,10 +113,9 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, goto end; if ((flags & OCSP_NOVERIFY) == 0) { ret = -1; - if ((flags & OCSP_NOCHAIN) != 0) { - untrusted = NULL; - } else if (bs->certs != NULL && certs != NULL) { - untrusted = sk_X509_dup(bs->certs); + if ((flags & OCSP_NOCHAIN) == 0) { + if ((untrusted = sk_X509_dup(bs->certs)) == NULL) + goto end; if (!X509_add_certs(untrusted, certs, X509_ADD_FLAG_DEFAULT)) goto end; } else if (certs != NULL) { @@ -159,8 +158,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, end: sk_X509_pop_free(chain, X509_free); - if (bs->certs && certs) - sk_X509_free(untrusted); + sk_X509_free(untrusted); return ret; } |