Use calloc() to remove the need of silly zeroing of most members.

Check for allocation failures and if one happens push an error on the stack and clean up using X509_STORE_free(). ok jsing
author: tb <> 2021-11-05 17:08:12 +0000
committer: tb <> 2021-11-05 17:08:12 +0000
commit: 7f11ef3d087b85d9ef80b28d47e8ce3d7382cacf (patch)
tree: 5c69ffa0b0b51049b73f204e9f5e57ee2588c86d /src/lib
parent: 333b908cb213f668dae7181d2c389929c1ec077c (diff)
download: openbsd-7f11ef3d087b85d9ef80b28d47e8ce3d7382cacf.tar.gz
openbsd-7f11ef3d087b85d9ef80b28d47e8ce3d7382cacf.tar.bz2
openbsd-7f11ef3d087b85d9ef80b28d47e8ce3d7382cacf.zip
1 files changed, 18 insertions, 28 deletions
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
index b968a13d6f..3fa572c7ef 100644
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ b/src/lib/libcrypto/x509/x509_lu.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_lu.c,v 1.41 2021/11/05 17:06:42 tb Exp $ */
+/* $OpenBSD: x509_lu.c,v 1.42 2021/11/05 17:08:12 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -186,40 +186,30 @@ x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b)
 X509_STORE *
 X509_STORE_new(void)
 {
-        X509_STORE *ret;
+        X509_STORE *store;
-        if ((ret = malloc(sizeof(X509_STORE))) == NULL)
+        if ((store = calloc(1, sizeof(*store))) == NULL)
-                return NULL;
+                goto err;
-        ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
-        ret->cache = 1;
-        ret->get_cert_methods = sk_X509_LOOKUP_new_null();
-        ret->verify = 0;
-        ret->verify_cb = 0;
-        if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
+        if ((store->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL)
+                goto err;
+        if ((store->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL)
+                goto err;
+        if ((store->param = X509_VERIFY_PARAM_new()) == NULL)
                goto err;
-        ret->get_issuer = 0;
+        if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, store,
-        ret->check_issued = 0;
+            &store->ex_data))
-        ret->check_revocation = 0;
-        ret->get_crl = 0;
-        ret->check_crl = 0;
-        ret->cert_crl = 0;
-        ret->lookup_certs = 0;
-        ret->lookup_crls = 0;
-        ret->cleanup = 0;
-        if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
                goto err;
-        ret->references = 1;
+        store->references = 1;
-        return ret;
+        return store;
+ err:
+        X509error(ERR_R_MALLOC_FAILURE);
+        X509_STORE_free(store);
-err:
-        X509_VERIFY_PARAM_free(ret->param);
-        sk_X509_LOOKUP_free(ret->get_cert_methods);
-        sk_X509_OBJECT_free(ret->objs);
-        free(ret);
        return NULL;
 }
author	tb <>	2021-11-05 17:08:12 +0000
committer	tb <>	2021-11-05 17:08:12 +0000
commit	7f11ef3d087b85d9ef80b28d47e8ce3d7382cacf (patch)
tree	5c69ffa0b0b51049b73f204e9f5e57ee2588c86d /src/lib
parent	333b908cb213f668dae7181d2c389929c1ec077c (diff)
download	openbsd-7f11ef3d087b85d9ef80b28d47e8ce3d7382cacf.tar.gz openbsd-7f11ef3d087b85d9ef80b28d47e8ce3d7382cacf.tar.bz2 openbsd-7f11ef3d087b85d9ef80b28d47e8ce3d7382cacf.zip

diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c index b968a13d6f..3fa572c7ef 100644 --- a/src/lib/libcrypto/x509/x509_lu.c +++ b/src/lib/libcrypto/x509/x509_lu.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_lu.c,v 1.41 2021/11/05 17:06:42 tb Exp $ */	1	/* $OpenBSD: x509_lu.c,v 1.42 2021/11/05 17:08:12 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -186,40 +186,30 @@ x509_object_cmp(const X509_OBJECT * const a, const X509_OBJECT const *b)
186	X509_STORE *	186	X509_STORE *
187	X509_STORE_new(void)	187	X509_STORE_new(void)
188	{	188	{
189	X509_STORE *ret;	189	X509_STORE *store;
190		190
191	if ((ret = malloc(sizeof(X509_STORE))) == NULL)	191	if ((store = calloc(1, sizeof(*store))) == NULL)
192	return NULL;	192	goto err;
193	ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
194	ret->cache = 1;
195	ret->get_cert_methods = sk_X509_LOOKUP_new_null();
196	ret->verify = 0;
197	ret->verify_cb = 0;
198		193
199	if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)	194	if ((store->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL)
		195	goto err;
		196	if ((store->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL)
		197	goto err;
		198	if ((store->param = X509_VERIFY_PARAM_new()) == NULL)
200	goto err;	199	goto err;
201		200
202	ret->get_issuer = 0;	201	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, store,
203	ret->check_issued = 0;	202	&store->ex_data))
204	ret->check_revocation = 0;
205	ret->get_crl = 0;
206	ret->check_crl = 0;
207	ret->cert_crl = 0;
208	ret->lookup_certs = 0;
209	ret->lookup_crls = 0;
210	ret->cleanup = 0;
211
212	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
213	goto err;	203	goto err;
214		204
215	ret->references = 1;	205	store->references = 1;
216	return ret;	206
		207	return store;
		208
		209	err:
		210	X509error(ERR_R_MALLOC_FAILURE);
		211	X509_STORE_free(store);
217		212
218	err:
219	X509_VERIFY_PARAM_free(ret->param);
220	sk_X509_LOOKUP_free(ret->get_cert_methods);
221	sk_X509_OBJECT_free(ret->objs);
222	free(ret);
223	return NULL;	213	return NULL;
224	}	214	}
225		215