Add NULL checks from master

The big "don't check for NULL" cleanup requires backporting some
of the lowest-level functions to actually do nothing if NULL is
given.  This will make it easier to backport fixes to release
branches, where master assumes those lower-level functions are "safe"

This commit addresses those tickets: 3798 3799 3801.

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit f34b095fab1569d093b639bfcc9a77d6020148ff)
(cherry picked from commit 690d040b2e9df9c6ac19e1aab8f0cd79a84a2ee4)

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 684ef5f25c9ca3be753beb60ff2b4aa339d555ae..a1afb6c08df7ef450c7653729c14e3cb8de97915 100644 (file)
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -214,6 +214,8 @@ X509_STORE *X509_STORE_new(void)
 
 static void cleanup(X509_OBJECT *a)
 {
+    if (!a)
+        return;
     if (a->type == X509_LU_X509) {
         X509_free(a->data.x509);
     } else if (a->type == X509_LU_CRL) {

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index e11cd5d0ea7bc0e591a725ea70f3581f2930a8ef..4fa493c9ff60ccccd4c13c0aa120042bd76a8571 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1304,6 +1304,8 @@ X509_STORE_CTX *X509_STORE_CTX_new(void)
 
 void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
 {
+    if (!ctx)
+        return;
     X509_STORE_CTX_cleanup(ctx);
     OPENSSL_free(ctx);
 }