From 207d5072457060a56e0ae65ce9e652e88178d798 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 1 Nov 2019 03:41:40 +0000
Subject: Clean up RSA_new_method().

Use calloc() instead of malloc() for initialisation and remove explicit
zero initialisation of members. This ensures that new members always get
initialised.

Also use a single error return path, simplifying code.

ok tb@
---
 src/lib/libcrypto/rsa/rsa_lib.c | 64 ++++++++++++++++-------------------------
 1 file changed, 24 insertions(+), 40 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
index bf6865d260..7cae5cb2ed 100644
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_lib.c,v 1.38 2019/10/24 15:47:15 jsing Exp $ */
+/* $OpenBSD: rsa_lib.c,v 1.39 2019/11/01 03:41:40 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -131,68 +131,52 @@ RSA_new_method(ENGINE *engine)
 {
 	RSA *ret;
 
-	ret = malloc(sizeof(RSA));
-	if (ret == NULL) {
+	if ((ret = calloc(1, sizeof(RSA))) == NULL) {
 		RSAerror(ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 
 	ret->meth = RSA_get_default_method();
+
 #ifndef OPENSSL_NO_ENGINE
-	if (engine) {
+	if (engine != NULL) {
 		if (!ENGINE_init(engine)) {
 			RSAerror(ERR_R_ENGINE_LIB);
-			free(ret);
-			return NULL;
+			goto err;
 		}
 		ret->engine = engine;
-	} else
+	} else {
 		ret->engine = ENGINE_get_default_RSA();
-	if (ret->engine) {
-		ret->meth = ENGINE_get_RSA(ret->engine);
-		if (ret->meth == NULL) {
+	}
+
+	if (ret->engine != NULL) {
+		if ((ret->meth = ENGINE_get_RSA(ret->engine)) == NULL) {
 			RSAerror(ERR_R_ENGINE_LIB);
-			ENGINE_finish(ret->engine);
-			free(ret);
-			return NULL;
+			goto err;
 		}
 	}
 #endif
 
-	ret->pad = 0;
-	ret->version = 0;
-	ret->n = NULL;
-	ret->e = NULL;
-	ret->d = NULL;
-	ret->p = NULL;
-	ret->q = NULL;
-	ret->dmp1 = NULL;
-	ret->dmq1 = NULL;
-	ret->iqmp = NULL;
 	ret->references = 1;
-	ret->_method_mod_n = NULL;
-	ret->_method_mod_p = NULL;
-	ret->_method_mod_q = NULL;
-	ret->blinding = NULL;
-	ret->mt_blinding = NULL;
 	ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
-	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
-#ifndef OPENSSL_NO_ENGINE
-		ENGINE_finish(ret->engine);
-#endif
-		free(ret);
-		return NULL;
-	}
+
+	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
+		goto err;
 
 	if (ret->meth->init != NULL && !ret->meth->init(ret)) {
-#ifndef OPENSSL_NO_ENGINE
-		ENGINE_finish(ret->engine);
-#endif
 		CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
-		free(ret);
-		ret = NULL;
+		goto err;
 	}
+
 	return ret;
+
+ err:
+#ifndef OPENSSL_NO_ENGINE
+	ENGINE_finish(ret->engine);
+#endif
+	free(ret);
+
+	return NULL;
 }
 
 void
-- 
cgit v1.2.3-55-g6feb