From 8fdc3734c063146b038608c2412a0f2c9b21b6d6 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Wed, 25 Mar 2015 18:35:24 -0400 Subject: [PATCH] free NULL cleanup. This gets EC_GROUP_clear_free EC_GROUP_free, EC_KEY_free, EC_POINT_clear_free, EC_POINT_free Reviewed-by: Kurt Roeckx --- apps/ec.c | 3 +-- apps/ecparam.c | 3 +-- apps/speed.c | 9 +++---- crypto/ec/ec2_mult.c | 6 ++--- crypto/ec/ec_ameth.c | 12 ++++------ crypto/ec/ec_asn1.c | 21 +++++++--------- crypto/ec/ec_check.c | 3 +-- crypto/ec/ec_curve.c | 3 +-- crypto/ec/ec_key.c | 26 +++++++------------- crypto/ec/ec_lib.c | 21 +++++++--------- crypto/ec/ec_mult.c | 9 +++---- crypto/ec/ec_pmeth.c | 11 ++++----- crypto/ec/ec_print.c | 2 +- crypto/ec/ecp_nistp224.c | 6 ++--- crypto/ec/ecp_nistp256.c | 6 ++--- crypto/ec/ecp_nistp521.c | 6 ++--- crypto/ec/ecp_nistz256.c | 6 ++--- crypto/ec/ectest.c | 48 +++++++++++++------------------------ crypto/ecdh/ecdhtest.c | 18 +++++--------- crypto/ecdh/ech_ossl.c | 3 +-- crypto/ecdsa/ecdsatest.c | 12 ++++------ crypto/ecdsa/ecs_ossl.c | 6 ++--- doc/crypto/EC_GROUP_new.pod | 2 ++ doc/crypto/EC_KEY_new.pod | 1 + doc/crypto/EC_POINT_new.pod | 2 ++ engines/ccgost/gost_ameth.c | 4 +--- ssl/s3_clnt.c | 15 ++++-------- ssl/s3_lib.c | 16 ++++--------- ssl/s3_srvr.c | 3 +-- ssl/ssl_cert.c | 6 ++--- 30 files changed, 103 insertions(+), 186 deletions(-) diff --git a/apps/ec.c b/apps/ec.c index 2064723eb1..aca28540dd 100644 --- a/apps/ec.c +++ b/apps/ec.c @@ -345,8 +345,7 @@ int MAIN(int argc, char **argv) end: BIO_free(in); BIO_free_all(out); - if (eckey) - EC_KEY_free(eckey); + EC_KEY_free(eckey); if (passin) OPENSSL_free(passin); if (passout) diff --git a/apps/ecparam.c b/apps/ecparam.c index d4177474d5..c6a175146c 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -623,8 +623,7 @@ int MAIN(int argc, char **argv) OPENSSL_free(buffer); BIO_free(in); BIO_free_all(out); - if (group != NULL) - EC_GROUP_free(group); + EC_GROUP_free(group); apps_shutdown(); OPENSSL_EXIT(ret); } diff --git a/apps/speed.c b/apps/speed.c index d2034a4898..df972a3b90 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -2457,13 +2457,10 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_EC for (i = 0; i < EC_NUM; i++) - if (ecdsa[i] != NULL) - EC_KEY_free(ecdsa[i]); + EC_KEY_free(ecdsa[i]); for (i = 0; i < EC_NUM; i++) { - if (ecdh_a[i] != NULL) - EC_KEY_free(ecdh_a[i]); - if (ecdh_b[i] != NULL) - EC_KEY_free(ecdh_b[i]); + EC_KEY_free(ecdh_a[i]); + EC_KEY_free(ecdh_b[i]); } #endif diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c index 1fa0a536ef..635c0a55f1 100644 --- a/crypto/ec/ec2_mult.c +++ b/crypto/ec/ec2_mult.c @@ -437,10 +437,8 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, ret = 1; err: - if (p) - EC_POINT_free(p); - if (acc) - EC_POINT_free(acc); + EC_POINT_free(p); + EC_POINT_free(acc); if (new_ctx != NULL) BN_CTX_free(new_ctx); return ret; diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index de56c89498..4be85a9e87 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -176,8 +176,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) return eckey; ecerr: - if (eckey) - EC_KEY_free(eckey); + EC_KEY_free(eckey); return NULL; } @@ -210,8 +209,7 @@ static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) return 1; ecerr: - if (eckey) - EC_KEY_free(eckey); + EC_KEY_free(eckey); return 0; } @@ -292,8 +290,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) ecliberr: ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); ecerr: - if (eckey) - EC_KEY_free(eckey); + EC_KEY_free(eckey); return 0; } @@ -706,8 +703,7 @@ static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx, if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) rv = 1; err: - if (ecpeer) - EC_KEY_free(ecpeer); + EC_KEY_free(ecpeer); if (pkpeer) EVP_PKEY_free(pkpeer); return rv; diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 90de23b116..9bba26ed7e 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -910,9 +910,9 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) ok = 1; - err:if (!ok) { - if (ret) - EC_GROUP_clear_free(ret); + err: + if (!ok) { + EC_GROUP_clear_free(ret); ret = NULL; } @@ -922,8 +922,7 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) BN_free(a); if (b) BN_free(b); - if (point) - EC_POINT_free(point); + EC_POINT_free(point); return (ret); } @@ -982,10 +981,10 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len) return NULL; } - if (a && *a) + if (a) { EC_GROUP_clear_free(*a); - if (a) *a = group; + } ECPKPARAMETERS_free(params); return (group); @@ -1030,8 +1029,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) ret = *a; if (priv_key->parameters) { - if (ret->group) - EC_GROUP_clear_free(ret->group); + EC_GROUP_clear_free(ret->group); ret->group = ec_asn1_pkparameters2group(priv_key->parameters); } @@ -1055,8 +1053,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) goto err; } - if (ret->pub_key) - EC_POINT_clear_free(ret->pub_key); + EC_POINT_clear_free(ret->pub_key); ret->pub_key = EC_POINT_new(ret->group); if (ret->pub_key == NULL) { ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); @@ -1098,7 +1095,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) ok = 1; err: if (!ok) { - if (ret && (a == NULL || *a != ret)) + if (a == NULL || *a != ret) EC_KEY_free(ret); ret = NULL; } diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c index d3f534999e..422ca87cc6 100644 --- a/crypto/ec/ec_check.c +++ b/crypto/ec/ec_check.c @@ -114,7 +114,6 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) BN_CTX_end(ctx); if (new_ctx != NULL) BN_CTX_free(new_ctx); - if (point) - EC_POINT_free(point); + EC_POINT_free(point); return ret; } diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index 6199e25c6a..d79637d9e5 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3114,8 +3114,7 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) EC_GROUP_free(group); group = NULL; } - if (P) - EC_POINT_free(P); + EC_POINT_free(P); if (ctx) BN_CTX_free(ctx); if (p) diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 96d489767b..a74ccf70f2 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -120,10 +120,8 @@ void EC_KEY_free(EC_KEY *r) } #endif - if (r->group != NULL) - EC_GROUP_free(r->group); - if (r->pub_key != NULL) - EC_POINT_free(r->pub_key); + EC_GROUP_free(r->group); + EC_POINT_free(r->pub_key); if (r->priv_key != NULL) BN_clear_free(r->priv_key); @@ -146,8 +144,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) if (src->group) { const EC_METHOD *meth = EC_GROUP_method_of(src->group); /* clear the old group */ - if (dest->group) - EC_GROUP_free(dest->group); + EC_GROUP_free(dest->group); dest->group = EC_GROUP_new(meth); if (dest->group == NULL) return NULL; @@ -156,8 +153,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) } /* copy the public key */ if (src->pub_key && src->group) { - if (dest->pub_key) - EC_POINT_free(dest->pub_key); + EC_POINT_free(dest->pub_key); dest->pub_key = EC_POINT_new(src->group); if (dest->pub_key == NULL) return NULL; @@ -274,7 +270,7 @@ int EC_KEY_generate_key(EC_KEY *eckey) err: if (order) BN_free(order); - if (pub_key != NULL && eckey->pub_key == NULL) + if (eckey->pub_key == NULL) EC_POINT_free(pub_key); if (priv_key != NULL && eckey->priv_key == NULL) BN_free(priv_key); @@ -347,8 +343,7 @@ int EC_KEY_check_key(const EC_KEY *eckey) err: if (ctx != NULL) BN_CTX_free(ctx); - if (point != NULL) - EC_POINT_free(point); + EC_POINT_free(point); return (ok); } @@ -422,8 +417,7 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, err: if (ctx) BN_CTX_free(ctx); - if (point) - EC_POINT_free(point); + EC_POINT_free(point); return ok; } @@ -435,8 +429,7 @@ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key) int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group) { - if (key->group != NULL) - EC_GROUP_free(key->group); + EC_GROUP_free(key->group); key->group = EC_GROUP_dup(group); return (key->group == NULL) ? 0 : 1; } @@ -461,8 +454,7 @@ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key) int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub_key) { - if (key->pub_key != NULL) - EC_POINT_free(key->pub_key); + EC_POINT_free(key->pub_key); key->pub_key = EC_POINT_dup(pub_key, key->group); return (key->pub_key == NULL) ? 0 : 1; } diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 2dcdb40168..0e850d699e 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -138,8 +138,7 @@ void EC_GROUP_free(EC_GROUP *group) if (group->mont_data) BN_MONT_CTX_free(group->mont_data); - if (group->generator != NULL) - EC_POINT_free(group->generator); + EC_POINT_free(group->generator); BN_free(group->order); BN_free(group->cofactor); @@ -164,8 +163,7 @@ void EC_GROUP_clear_free(EC_GROUP *group) if (group->mont_data) BN_MONT_CTX_free(group->mont_data); - if (group->generator != NULL) - EC_POINT_clear_free(group->generator); + EC_POINT_clear_free(group->generator); BN_clear_free(group->order); BN_clear_free(group->cofactor); @@ -232,10 +230,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) return 0; } else { /* src->generator == NULL */ - if (dest->generator != NULL) { - EC_POINT_clear_free(dest->generator); - dest->generator = NULL; - } + EC_POINT_clear_free(dest->generator); + dest->generator = NULL; } if (!BN_copy(dest->order, src->order)) @@ -283,10 +279,9 @@ EC_GROUP *EC_GROUP_dup(const EC_GROUP *a) err: if (!ok) { - if (t) - EC_GROUP_free(t); + EC_GROUP_free(t); return NULL; - } else + } return t; } @@ -790,8 +785,8 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) if (!r) { EC_POINT_free(t); return NULL; - } else - return t; + } + return t; } const EC_METHOD *EC_POINT_method_of(const EC_POINT *point) diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 16b37db671..243b5392e0 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -556,8 +556,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, err: if (new_ctx != NULL) BN_CTX_free(new_ctx); - if (tmp != NULL) - EC_POINT_free(tmp); + EC_POINT_free(tmp); if (wsize != NULL) OPENSSL_free(wsize); if (wNAF_len != NULL) @@ -759,10 +758,8 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) EC_POINT_free(*p); OPENSSL_free(points); } - if (tmp_point) - EC_POINT_free(tmp_point); - if (base) - EC_POINT_free(base); + EC_POINT_free(tmp_point); + EC_POINT_free(base); return ret; } diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 4eda2effe9..37f8fa1316 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -146,10 +146,8 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx) { EC_PKEY_CTX *dctx = ctx->data; if (dctx) { - if (dctx->gen_group) - EC_GROUP_free(dctx->gen_group); - if (dctx->co_key) - EC_KEY_free(dctx->co_key); + EC_GROUP_free(dctx->gen_group); + EC_KEY_free(dctx->co_key); if (dctx->kdf_ukm) OPENSSL_free(dctx->kdf_ukm); OPENSSL_free(dctx); @@ -289,8 +287,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE); return 0; } - if (dctx->gen_group) - EC_GROUP_free(dctx->gen_group); + EC_GROUP_free(dctx->gen_group); dctx->gen_group = group; return 1; @@ -331,7 +328,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) EC_KEY_set_flags(dctx->co_key, EC_FLAG_COFACTOR_ECDH); else EC_KEY_clear_flags(dctx->co_key, EC_FLAG_COFACTOR_ECDH); - } else if (dctx->co_key) { + } else { EC_KEY_free(dctx->co_key); dctx->co_key = NULL; } diff --git a/crypto/ec/ec_print.c b/crypto/ec/ec_print.c index 96b294d877..7c34694633 100644 --- a/crypto/ec/ec_print.c +++ b/crypto/ec/ec_print.c @@ -110,7 +110,7 @@ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, ret = point; if (!EC_POINT_oct2point(group, ret, buf, buf_len, ctx)) { - if (point == NULL) + if (ret != point) EC_POINT_clear_free(ret); OPENSSL_free(buf); return NULL; diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c index a0c7bec5db..2f1213f1f7 100644 --- a/crypto/ec/ecp_nistp224.c +++ b/crypto/ec/ecp_nistp224.c @@ -1602,8 +1602,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, err: BN_CTX_end(ctx); - if (generator != NULL) - EC_POINT_free(generator); + EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); if (secrets != NULL) @@ -1739,8 +1738,7 @@ int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx) pre = NULL; err: BN_CTX_end(ctx); - if (generator != NULL) - EC_POINT_free(generator); + EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); if (pre) diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c index d485a97fd8..9ec034669a 100644 --- a/crypto/ec/ecp_nistp256.c +++ b/crypto/ec/ecp_nistp256.c @@ -2193,8 +2193,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, err: BN_CTX_end(ctx); - if (generator != NULL) - EC_POINT_free(generator); + EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); if (secrets != NULL) @@ -2340,8 +2339,7 @@ int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx) pre = NULL; err: BN_CTX_end(ctx); - if (generator != NULL) - EC_POINT_free(generator); + EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); if (pre) diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 360b9a3516..c8f9d1e78d 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -2006,8 +2006,7 @@ int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r, err: BN_CTX_end(ctx); - if (generator != NULL) - EC_POINT_free(generator); + EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); if (secrets != NULL) @@ -2123,8 +2122,7 @@ int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx) pre = NULL; err: BN_CTX_end(ctx); - if (generator != NULL) - EC_POINT_free(generator); + EC_POINT_free(generator); if (new_ctx != NULL) BN_CTX_free(new_ctx); if (pre) diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c index 0370ae6463..ea692b81ef 100644 --- a/crypto/ec/ecp_nistz256.c +++ b/crypto/ec/ecp_nistz256.c @@ -874,10 +874,8 @@ static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx) ecp_nistz256_pre_comp_free(pre_comp); if (precomp_storage) OPENSSL_free(precomp_storage); - if (P) - EC_POINT_free(P); - if (T) - EC_POINT_free(T); + EC_POINT_free(P); + EC_POINT_free(T); return ret; } diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c index 2290c8e241..79ec21f820 100644 --- a/crypto/ec/ectest.c +++ b/crypto/ec/ectest.c @@ -864,18 +864,12 @@ static void prime_field_tests(void) BN_free(y); BN_free(z); - if (P_160) - EC_GROUP_free(P_160); - if (P_192) - EC_GROUP_free(P_192); - if (P_224) - EC_GROUP_free(P_224); - if (P_256) - EC_GROUP_free(P_256); - if (P_384) - EC_GROUP_free(P_384); - if (P_521) - EC_GROUP_free(P_521); + EC_GROUP_free(P_160); + EC_GROUP_free(P_192); + EC_GROUP_free(P_224); + EC_GROUP_free(P_256); + EC_GROUP_free(P_384); + EC_GROUP_free(P_521); } @@ -1346,26 +1340,16 @@ static void char2_field_tests(void) BN_free(z); BN_free(cof); - if (C2_K163) - EC_GROUP_free(C2_K163); - if (C2_B163) - EC_GROUP_free(C2_B163); - if (C2_K233) - EC_GROUP_free(C2_K233); - if (C2_B233) - EC_GROUP_free(C2_B233); - if (C2_K283) - EC_GROUP_free(C2_K283); - if (C2_B283) - EC_GROUP_free(C2_B283); - if (C2_K409) - EC_GROUP_free(C2_K409); - if (C2_B409) - EC_GROUP_free(C2_B409); - if (C2_K571) - EC_GROUP_free(C2_K571); - if (C2_B571) - EC_GROUP_free(C2_B571); + EC_GROUP_free(C2_K163); + EC_GROUP_free(C2_B163); + EC_GROUP_free(C2_K233); + EC_GROUP_free(C2_B233); + EC_GROUP_free(C2_K283); + EC_GROUP_free(C2_B283); + EC_GROUP_free(C2_K409); + EC_GROUP_free(C2_B409); + EC_GROUP_free(C2_K571); + EC_GROUP_free(C2_B571); } # endif diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c index 578de316be..a89177e435 100644 --- a/crypto/ecdh/ecdhtest.c +++ b/crypto/ecdh/ecdhtest.c @@ -290,10 +290,8 @@ static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out) BN_free(x_b); if (y_b) BN_free(y_b); - if (b) - EC_KEY_free(b); - if (a) - EC_KEY_free(a); + EC_KEY_free(b); + EC_KEY_free(a); return (ret); } @@ -394,12 +392,10 @@ static EC_KEY *mk_eckey(int nid, const unsigned char *p, size_t plen) err: if (priv) BN_clear_free(priv); - if (pub) - EC_POINT_free(pub); + EC_POINT_free(pub); if (ok) return k; - else if (k) - EC_KEY_free(k); + EC_KEY_free(k); return NULL; } @@ -440,10 +436,8 @@ static int ecdh_kat(BIO *out, const char *cname, int nid, goto err; rv = 1; err: - if (key1) - EC_KEY_free(key1); - if (key2) - EC_KEY_free(key2); + EC_KEY_free(key1); + EC_KEY_free(key2); if (Ztmp) OPENSSL_free(Ztmp); if (rv) diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c index 278c41b84a..b8ccf5a719 100644 --- a/crypto/ecdh/ech_ossl.c +++ b/crypto/ecdh/ech_ossl.c @@ -202,8 +202,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, } err: - if (tmp) - EC_POINT_free(tmp); + EC_POINT_free(tmp); if (ctx) BN_CTX_end(ctx); if (ctx) diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index 346ccd053f..3a455b4747 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -240,8 +240,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) x962_int_err: if (!ret) BIO_printf(out, " failed\n"); - if (key) - EC_KEY_free(key); + EC_KEY_free(key); if (signature) ECDSA_SIG_free(signature); if (r) @@ -354,9 +353,8 @@ int test_builtin(BIO *out) goto builtin_err; EC_GROUP_free(group); degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey)); - if (degree < 160) + if (degree < 160) { /* drop the curve */ - { EC_KEY_free(eckey); eckey = NULL; continue; @@ -506,10 +504,8 @@ int test_builtin(BIO *out) ret = 1; builtin_err: - if (eckey) - EC_KEY_free(eckey); - if (wrong_eckey) - EC_KEY_free(wrong_eckey); + EC_KEY_free(eckey); + EC_KEY_free(wrong_eckey); if (ecdsa_sig) ECDSA_SIG_free(ecdsa_sig); if (signature) diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c index 1343850e5a..ce2973df20 100644 --- a/crypto/ecdsa/ecs_ossl.c +++ b/crypto/ecdsa/ecs_ossl.c @@ -242,8 +242,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BN_CTX_free(ctx); if (order != NULL) BN_free(order); - if (tmp_point != NULL) - EC_POINT_free(tmp_point); + EC_POINT_free(tmp_point); if (X) BN_clear_free(X); return (ret); @@ -475,7 +474,6 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, err: BN_CTX_end(ctx); BN_CTX_free(ctx); - if (point) - EC_POINT_free(point); + EC_POINT_free(point); return ret; } diff --git a/doc/crypto/EC_GROUP_new.pod b/doc/crypto/EC_GROUP_new.pod index ff55bf33a3..44599e235d 100644 --- a/doc/crypto/EC_GROUP_new.pod +++ b/doc/crypto/EC_GROUP_new.pod @@ -75,8 +75,10 @@ In order to construct a builtin curve use the function EC_GROUP_new_by_curve_nam be constructed. EC_GROUP_free frees the memory associated with the EC_GROUP. +If B is NULL nothing is done. EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. +If B is NULL nothing is done. =head1 RETURN VALUES diff --git a/doc/crypto/EC_KEY_new.pod b/doc/crypto/EC_KEY_new.pod index e859689bcb..c7370581bf 100644 --- a/doc/crypto/EC_KEY_new.pod +++ b/doc/crypto/EC_KEY_new.pod @@ -47,6 +47,7 @@ EC_GROUP_new_by_curve_name. Calling EC_KEY_free decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. +If B is NULL nothing is done. EC_KEY_copy copies the contents of the EC_KEY in B into B. diff --git a/doc/crypto/EC_POINT_new.pod b/doc/crypto/EC_POINT_new.pod index 858baf4244..0a20fced4e 100644 --- a/doc/crypto/EC_POINT_new.pod +++ b/doc/crypto/EC_POINT_new.pod @@ -53,8 +53,10 @@ An EC_POINT represents a point on a curve. A new point is constructed by calling object that the point relates to. EC_POINT_free frees the memory associated with the EC_POINT. +if B is NULL nothing is done. EC_POINT_clear_free destroys any sensitive data held within the EC_POINT and then frees its memory. +if B is NULL nothing is done. EC_POINT_copy copies the point B into B. Both B and B must use the same EC_METHOD. diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c index bc4532558c..c5ca44f3f7 100644 --- a/engines/ccgost/gost_ameth.c +++ b/engines/ccgost/gost_ameth.c @@ -284,9 +284,7 @@ static void pkey_free_gost94(EVP_PKEY *key) static void pkey_free_gost01(EVP_PKEY *key) { - if (key->pkey.ec) { - EC_KEY_free(key->pkey.ec); - } + EC_KEY_free(key->pkey.ec); } /* ------------------ private key functions -----------------------------*/ diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index bab95f3200..6da125897d 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1388,10 +1388,8 @@ int ssl3_get_key_exchange(SSL *s) s->session->sess_cert->peer_dh_tmp = NULL; #endif #ifndef OPENSSL_NO_EC - if (s->session->sess_cert->peer_ecdh_tmp) { - EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp); - s->session->sess_cert->peer_ecdh_tmp = NULL; - } + EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp); + s->session->sess_cert->peer_ecdh_tmp = NULL; #endif } else { s->session->sess_cert = ssl_sess_cert_new(); @@ -1959,8 +1957,7 @@ int ssl3_get_key_exchange(SSL *s) #ifndef OPENSSL_NO_EC BN_CTX_free(bn_ctx); EC_POINT_free(srvr_ecpoint); - if (ecdh != NULL) - EC_KEY_free(ecdh); + EC_KEY_free(ecdh); #endif EVP_MD_CTX_cleanup(&md_ctx); return (-1); @@ -2760,8 +2757,7 @@ int ssl3_send_client_key_exchange(SSL *s) BN_CTX_free(bn_ctx); if (encodedPoint != NULL) OPENSSL_free(encodedPoint); - if (clnt_ecdh != NULL) - EC_KEY_free(clnt_ecdh); + EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); } #endif /* !OPENSSL_NO_EC */ @@ -3069,8 +3065,7 @@ int ssl3_send_client_key_exchange(SSL *s) BN_CTX_free(bn_ctx); if (encodedPoint != NULL) OPENSSL_free(encodedPoint); - if (clnt_ecdh != NULL) - EC_KEY_free(clnt_ecdh); + EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); #endif return (-1); diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index bed4a4e72d..69f3d5d6f7 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3141,8 +3141,7 @@ void ssl3_free(SSL *s) DH_free(s->s3->tmp.dh); #endif #ifndef OPENSSL_NO_EC - if (s->s3->tmp.ecdh != NULL) - EC_KEY_free(s->s3->tmp.ecdh); + EC_KEY_free(s->s3->tmp.ecdh); #endif if (s->s3->tmp.ca_names != NULL) @@ -3182,10 +3181,8 @@ void ssl3_clear(SSL *s) s->s3->tmp.dh = NULL; #endif #ifndef OPENSSL_NO_EC - if (s->s3->tmp.ecdh != NULL) { - EC_KEY_free(s->s3->tmp.ecdh); - s->s3->tmp.ecdh = NULL; - } + EC_KEY_free(s->s3->tmp.ecdh); + s->s3->tmp.ecdh = NULL; #endif #ifndef OPENSSL_NO_TLSEXT # ifndef OPENSSL_NO_EC @@ -3356,8 +3353,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return (ret); } } - if (s->cert->ecdh_tmp != NULL) - EC_KEY_free(s->cert->ecdh_tmp); + EC_KEY_free(s->cert->ecdh_tmp); s->cert->ecdh_tmp = ecdh; ret = 1; } @@ -3829,9 +3825,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) } } - if (cert->ecdh_tmp != NULL) { - EC_KEY_free(cert->ecdh_tmp); - } + EC_KEY_free(cert->ecdh_tmp); cert->ecdh_tmp = ecdh; return 1; } diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 05dc439c2d..68a8c812e0 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -2886,8 +2886,7 @@ int ssl3_get_client_key_exchange(SSL *s) #ifndef OPENSSL_NO_EC EVP_PKEY_free(clnt_pub_pkey); EC_POINT_free(clnt_ecpoint); - if (srvr_ecdh != NULL) - EC_KEY_free(srvr_ecdh); + EC_KEY_free(srvr_ecdh); BN_CTX_free(bn_ctx); #endif return (-1); diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 367f7a9603..f05a60a30a 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -449,8 +449,7 @@ void ssl_cert_free(CERT *c) DH_free(c->dh_tmp); #endif #ifndef OPENSSL_NO_EC - if (c->ecdh_tmp) - EC_KEY_free(c->ecdh_tmp); + EC_KEY_free(c->ecdh_tmp); #endif ssl_cert_clear_certs(c); @@ -655,8 +654,7 @@ void ssl_sess_cert_free(SESS_CERT *sc) DH_free(sc->peer_dh_tmp); #endif #ifndef OPENSSL_NO_EC - if (sc->peer_ecdh_tmp != NULL) - EC_KEY_free(sc->peer_ecdh_tmp); + EC_KEY_free(sc->peer_ecdh_tmp); #endif OPENSSL_free(sc); -- 2.34.1