]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 20eb1b6)
Minor fixes and hardening
authorHugo Landau <hlandau@openssl.org>
Wed, 10 Apr 2024 07:21:14 +0000 (08:21 +0100)
committerNeil Horman <nhorman@openssl.org>
Mon, 17 Feb 2025 16:27:32 +0000 (11:27 -0500)
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24037)

ssl/quic/quic_impl.c patch | blob | blame | history
ssl/quic/quic_obj.c patch | blob | blame | history

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index f84fd2a4f7ab5839d6e26e154bc6ce6f01538ead..5916be36804a8d06796fa4fd21d0051a8525cdac 100644 (file)
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -327,8 +327,10 @@ static int expect_quic_as(const SSL *s, QCTX *ctx, uint32_t flags)
         }
 
         if ((flags & QCTX_C) == 0
-            && (qc->default_xso == NULL || (flags & QCTX_S) == 0))
-            return wrong_type(s, flags);
+            && (qc->default_xso == NULL || (flags & QCTX_S) == 0)) {
+            wrong_type(s, flags);
+            goto err;
+        }
 
         ctx->xso            = qc->default_xso;
         break;
diff --git a/ssl/quic/quic_obj.c b/ssl/quic/quic_obj.c
index 827b0c38b04571275d31ad776c63b43cbe38193c..6d4934483a4179e092fac6128471a8e384d26b08 100644 (file)
--- a/ssl/quic/quic_obj.c
+++ b/ssl/quic/quic_obj.c
@@ -81,9 +81,9 @@ static int obj_update_cache(QUIC_OBJ *obj)
 
 SSL_CONNECTION *ossl_quic_obj_get0_handshake_layer(QUIC_OBJ *obj)
 {
-    assert(obj->init_done);
+    assert(obj != NULL && obj->init_done);
 
-    if (obj == NULL || obj->ssl.type != SSL_TYPE_QUIC_CONNECTION)
+    if (obj->ssl.type != SSL_TYPE_QUIC_CONNECTION)
         return NULL;
 
     return SSL_CONNECTION_FROM_SSL_ONLY(((QUIC_CONNECTION *)obj)->tls);
@@ -92,7 +92,10 @@ SSL_CONNECTION *ossl_quic_obj_get0_handshake_layer(QUIC_OBJ *obj)
 /* (Returns a cached result.) */
 int ossl_quic_obj_can_support_blocking(const QUIC_OBJ *obj)
 {
-    QUIC_REACTOR *rtor = ossl_quic_obj_get0_reactor(obj);
+    QUIC_REACTOR *rtor;
+
+    assert(obj != NULL);
+    rtor = ossl_quic_obj_get0_reactor(obj);
 
     return ossl_quic_reactor_can_poll_r(rtor)
         || ossl_quic_reactor_can_poll_w(rtor);
@@ -102,6 +105,7 @@ int ossl_quic_obj_desires_blocking(const QUIC_OBJ *obj)
 {
     unsigned int req_blocking_mode;
 
+    assert(obj != NULL);
     for (; (req_blocking_mode = obj->req_blocking_mode)
             == QUIC_BLOCKING_MODE_INHERIT && obj->parent_obj != NULL;
          obj = obj->parent_obj);
@@ -111,6 +115,8 @@ int ossl_quic_obj_desires_blocking(const QUIC_OBJ *obj)
 
 int ossl_quic_obj_blocking(const QUIC_OBJ *obj)
 {
+    assert(obj != NULL);
+
     if (!ossl_quic_obj_desires_blocking(obj))
         return 0;
 
@@ -121,5 +127,7 @@ int ossl_quic_obj_blocking(const QUIC_OBJ *obj)
 
 void ossl_quic_obj_set_blocking_mode(QUIC_OBJ *obj, unsigned int mode)
 {
+    assert(obj != NULL);
+
     obj->req_blocking_mode = mode;
 }
Mirror of https://github.com/openssl/openssl.git