diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2022-08-07 07:08:28 +0200 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2022-09-16 10:31:24 +0200 |
commit | acb39e29c39aef9eefd44214d43ed9498828576d (patch) | |
tree | f574279e6a1903bfa981aa1b7bbee292484c0792 /ssl | |
parent | 25ed1e5a79b19ee9eee97dc67ecaf8c605b251f6 (diff) |
stack.c: add missing direct error reporting and improve coding style
Doing so, had to fix sloppiness in using the stack API in crypto/conf/conf_def.c,
ssl/ssl_ciph.c, ssl/statem/statem_srvr.c, and mostly in test/helpers/ssltestlib.c.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18918)
(cherry picked from commit 30eba7f35983a917f1007bce45040c0af3442e42)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_ciph.c | 3 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 3 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 2 |
3 files changed, 5 insertions, 3 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 942ab5c6db..726c45044a 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -532,7 +532,8 @@ int ssl_cipher_get_evp(SSL_CTX *ctx, const SSL_SESSION *s, ctmp.id = s->compress_meth; if (ssl_comp_methods != NULL) { i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp); - *comp = sk_SSL_COMP_value(ssl_comp_methods, i); + if (i >= 0) + *comp = sk_SSL_COMP_value(ssl_comp_methods, i); } /* If were only interested in comp then return success */ if ((enc == NULL) && (md == NULL)) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 75ef563f1f..f32074b585 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -4987,7 +4987,8 @@ static int ct_move_scts(STACK_OF(SCT) **dst, STACK_OF(SCT) *src, } } - while ((sct = sk_SCT_pop(src)) != NULL) { + while (sk_SCT_num(src) > 0) { + sct = sk_SCT_pop(src); if (SCT_set_source(sct, origin) != 1) goto err; diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 5626e4ea2a..c62ccc628c 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -3551,7 +3551,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) } X509_free(s->session->peer); - s->session->peer = sk_X509_shift(sk); + s->session->peer = sk_X509_num(sk) == 0 ? NULL: sk_X509_shift(sk); s->session->verify_result = s->verify_result; sk_X509_pop_free(s->session->peer_chain, X509_free); |