]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
ssl/ech/ech_internal.c: avoid superfluous extval check in ossl_ech_early_decrypt
authorEugene Syromiatnikov <esyr@openssl.org>
Mon, 23 Feb 2026 03:33:07 +0000 (04:33 +0100)
committerTomas Mraz <tomas@openssl.org>
Wed, 25 Feb 2026 11:10:24 +0000 (12:10 +0100)
Remove superfluous extval NULL check on success path, as it cannot
be NULL, and is already dereferenced earlier.

Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1681447
Fixes: 6c3edd4f3a8a "Add server-side handling of Encrypted Client Hello"
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Wed Feb 25 11:10:41 2026
(Merged from https://github.com/openssl/openssl/pull/30139)

ssl/ech/ech_internal.c

index fbc6c5bbf6940bb79614ea7c67e8fcaf33cdd44a..3ae7e89a95b2ceba86fdec48b81cbe5bcaa537f9 100644 (file)
@@ -2083,11 +2083,9 @@ int ossl_ech_early_decrypt(SSL_CONNECTION *s, PACKET *outerpkt, PACKET *newpkt)
         ossl_ech_pbuf("clear", clear, clearlen);
     }
 #endif
-    if (extval != NULL) {
-        ossl_ech_encch_free(extval);
-        OPENSSL_free(extval);
-        extval = NULL;
-    }
+    ossl_ech_encch_free(extval);
+    OPENSSL_free(extval);
+    extval = NULL;
     if (s->ext.ech.grease == OSSL_ECH_IS_GREASE) {
         OPENSSL_free(clear);
         return 1;