From 0dd57e34be7e25a7d1f09fccc6c9487405424ca5 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sun, 8 Jun 2014 14:43:57 +0000 Subject: Clean up BIO_free() handling in bio_ssl.c - BIO_free() has its own NULL check, so do not duplicate it here. Make the error handling consistent by always using 'goto err' rather than returning in certain cases. Also add a missing BIO_free(ssl) in BIO_new_ssl_connect(). ok deraadt@ --- src/lib/libssl/bio_ssl.c | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) (limited to 'src/lib/libssl/bio_ssl.c') diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c index 3cd462e06f..649f7513b3 100644 --- a/src/lib/libssl/bio_ssl.c +++ b/src/lib/libssl/bio_ssl.c @@ -494,17 +494,16 @@ BIO_new_buffer_ssl_connect(SSL_CTX *ctx) BIO *ret = NULL, *buf = NULL, *ssl = NULL; if ((buf = BIO_new(BIO_f_buffer())) == NULL) - return (NULL); + goto err; if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) goto err; if ((ret = BIO_push(buf, ssl)) == NULL) goto err; return (ret); + err: - if (buf != NULL) - BIO_free(buf); - if (ssl != NULL) - BIO_free(ssl); + BIO_free(buf); + BIO_free(ssl); return (NULL); } @@ -514,15 +513,16 @@ BIO_new_ssl_connect(SSL_CTX *ctx) BIO *ret = NULL, *con = NULL, *ssl = NULL; if ((con = BIO_new(BIO_s_connect())) == NULL) - return (NULL); + goto err; if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) goto err; if ((ret = BIO_push(ssl, con)) == NULL) goto err; return (ret); + err: - if (con != NULL) - BIO_free(con); + BIO_free(con); + BIO_free(ssl); return (NULL); } @@ -533,11 +533,10 @@ BIO_new_ssl(SSL_CTX *ctx, int client) SSL *ssl; if ((ret = BIO_new(BIO_f_ssl())) == NULL) - return (NULL); - if ((ssl = SSL_new(ctx)) == NULL) { - BIO_free(ret); - return (NULL); - } + goto err; + if ((ssl = SSL_new(ctx)) == NULL) + goto err; + if (client) SSL_set_connect_state(ssl); else @@ -545,6 +544,10 @@ BIO_new_ssl(SSL_CTX *ctx, int client) BIO_set_ssl(ret, ssl, BIO_CLOSE); return (ret); + +err: + BIO_free(ret); + return (NULL); } int -- cgit v1.2.3-55-g6feb