Avoid out-of-bounds read
[openssl.git] / crypto / x509v3 / v3_addr.c
index f08e6a6902dc171db8cec38ff9ea95b8fdde5d89..bb58e0484611a4f0f40868a01671c78a265267ad 100644 (file)
@@ -84,10 +84,12 @@ static int length_from_afi(const unsigned afi)
  */
 unsigned int X509v3_addr_get_afi(const IPAddressFamily *f)
 {
-    return ((f != NULL &&
-             f->addressFamily != NULL && f->addressFamily->data != NULL)
-            ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
-            : 0);
+    if (f == NULL
+            || f->addressFamily == NULL
+            || f->addressFamily->data == NULL
+            || f->addressFamily->length < 2)
+        return 0;
+    return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
 }
 
 /*
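Review bot: The new `length < 2` test in X509v3_addr_get_afi returns 0 for a short or missing addressFamily, but nothing visible tells callers that 0 means "malformed input" and not a usable AFI. The comment block that closes just above the signature starts outside this hunk; it should state the contract, for example `Returns 0 if f, f->addressFamily or its data is NULL, or if fewer than two octets are present.` Callers that switch on the result should route 0 to their error path. Any code elsewhere in the file that indexes `addressFamily->data` directly needs its own length test, which cannot be confirmed from these hunks.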
@@ -430,8 +432,6 @@ static int make_addressRange(IPAddressOrRange **result,
     if ((aor = IPAddressOrRange_new()) == NULL)
         return 0;
     aor->type = IPAddressOrRange_addressRange;
-    if (!ossl_assert(aor->u.addressRange == NULL))
-        return 0;
     if ((aor->u.addressRange = IPAddressRange_new()) == NULL)
         goto err;
     if (aor->u.addressRange->min == NULL &&
@@ -498,8 +498,6 @@ static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr,
 
     for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
         f = sk_IPAddressFamily_value(addr, i);
-        if (!ossl_assert(f->addressFamily->data != NULL))
-            goto err;
         if (f->addressFamily->length == keylen &&
             !memcmp(f->addressFamily->data, key, keylen))
             return f;
@@ -1203,11 +1201,6 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
     } else {
         i = 0;
         x = sk_X509_value(chain, i);
-        if (!ossl_assert(x != NULL)) {
-            if (ctx != NULL)
-                ctx->error = X509_V_ERR_UNSPECIFIED;
-            return 0;
-        }
         if ((ext = x->rfc3779_addr) == NULL)
             goto done;
     }
@@ -1229,11 +1222,6 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
      */
     for (i++; i < sk_X509_num(chain); i++) {
         x = sk_X509_value(chain, i);
-        if (!ossl_assert(x != NULL)) {
-            if (ctx != NULL)
-                ctx->error = X509_V_ERR_UNSPECIFIED;
-            return 0;
-        }
         if (!X509v3_addr_is_canonical(x->rfc3779_addr))
             validation_err(X509_V_ERR_INVALID_EXTENSION);
         if (x->rfc3779_addr == NULL) {
@@ -1277,11 +1265,6 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
     /*
      * Trust anchor can't inherit.
      */
-    if (!ossl_assert(x != NULL)) {
-        if (ctx != NULL)
-            ctx->error = X509_V_ERR_UNSPECIFIED;
-        return 0;
-    }
     if (x->rfc3779_addr != NULL) {
         for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
             IPAddressFamily *fp =
@@ -1306,8 +1289,10 @@ int X509v3_addr_validate_path(X509_STORE_CTX *ctx)
 {
     if (ctx->chain == NULL
             || sk_X509_num(ctx->chain) == 0
-            || ctx->verify_cb == NULL)
+            || ctx->verify_cb == NULL) {
+        ctx->error = X509_V_ERR_UNSPECIFIED;
         return 0;
+    }
     return addr_validate_path_internal(ctx, ctx->chain, NULL);
 }
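Review bot: The guard in X509v3_addr_validate_path is now the only visible check that keeps `x = sk_X509_value(chain, i)` non-NULL before `x->rfc3779_addr` is read in addr_validate_path_internal, because the three `ossl_assert(x != NULL)` blocks were removed in the earlier hunks. That dependency deserves a comment above the `if`, for example `/* addr_validate_path_internal() dereferences chain entries unchecked: reject a NULL or empty chain here and fail with an error code set */`. Any other caller of addr_validate_path_internal (none is visible in these hunks) has to give the same guarantee, presumably by testing `chain == NULL || sk_X509_num(chain) == 0` before the call. The signature of this function appears only in the hunk header, and `ctx` itself is dereferenced without a NULL test, so the precondition `ctx != NULL` should be documented as well.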