From: Tomas Mraz <tomas@openssl.org>
Date: Wed, 16 Aug 2023 14:18:59 +0000 (+0200)
Subject: cmp_genm.c: Remove superfluous store_ctx != 0 check
X-Git-Tag: openssl-3.2.0-alpha1~192
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2b2eedfdd614e4c5e2104acf44da0bcdd5b90ade;p=thirdparty%2Fopenssl.git

cmp_genm.c: Remove superfluous store_ctx != 0 check

This really cannot be ever called with NULL store_ctx
and the check confuses Coverity.

Fixes Coverity 1538865

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
---

diff --git a/crypto/cmp/cmp_genm.c b/crypto/cmp/cmp_genm.c
index 74ac1d4b051..97a7293db3d 100644
--- a/crypto/cmp/cmp_genm.c
+++ b/crypto/cmp/cmp_genm.c
@@ -180,7 +180,7 @@ int OSSL_CMP_get1_caCerts(OSSL_CMP_CTX *ctx, STACK_OF(X509) **out)
 
 static int selfsigned_verify_cb(int ok, X509_STORE_CTX *store_ctx)
 {
-    if (ok == 0 && store_ctx != NULL
+    if (ok == 0
             && X509_STORE_CTX_get_error_depth(store_ctx) == 0
             && X509_STORE_CTX_get_error(store_ctx)
             == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) {