Coverity fixes

Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643042
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643047
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643089
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643091
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643095

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26845)

diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index ce5d6b30e84bf56b96acb6d93c67cab23f1fc75c..ad0c2ffef208c9dcf36f18da98116ecddf4b37b3 100644 (file)
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -853,8 +853,10 @@ static int marshal_validation_token(QUIC_VALIDATION_TOKEN *token,
     BUF_MEM *buf_mem = BUF_MEM_new();
 
     if (buffer == NULL || buf_mem == NULL
-        || (token->is_retry != 0 && token->is_retry != 1))
+        || (token->is_retry != 0 && token->is_retry != 1)) {
+        BUF_MEM_free(buf_mem);
         return 0;
+    }
 
     if (!WPACKET_init(&wpkt, buf_mem)
         || !WPACKET_memset(&wpkt, token->is_retry, 1)

diff --git a/ssl/rio/poll_immediate.c b/ssl/rio/poll_immediate.c
index fb18e9e5fea54a3faa8cd60162e7f8e0b1837999..38afaf5157250cdce8a1c5402e7a479500ea7c3b 100644 (file)
--- a/ssl/rio/poll_immediate.c
+++ b/ssl/rio/poll_immediate.c
@@ -91,10 +91,10 @@ static int poll_translate_ssl_quic(SSL *ssl,
 
     if (fd2 == fd1) {
         fd2 = -1;
-        fd1_w = fd1_w || fd2_w;
+        fd1_w = fd2_w;
     }
 
-    if (fd1 != -1 && (fd1_r || fd1_w))
+    if (fd1 != -1)
         if (!ossl_rio_poll_builder_add_fd(rpb, fd1, fd1_r, fd1_w))
             return 0;
 

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 28bac483b823e420fba22c0338b0c517429b1374..74246c71b3d85927ce8de0f7046d07f65bfa4f99 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1583,8 +1583,10 @@ void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
      * If the two arguments are equal then one fewer reference is granted by the
      * caller than we want to take
      */
-    if (rbio != NULL && rbio == wbio)
-        BIO_up_ref(rbio);
+    if (rbio != NULL && rbio == wbio) {
+        if (!BIO_up_ref(rbio))
+            return;
+    }
 
     /*
      * If only the wbio is changed only adopt one reference.
@@ -1747,7 +1749,8 @@ int SSL_set_wfd(SSL *s, int fd)
         ktls_enable(fd);
 #endif /* OPENSSL_NO_KTLS */
     } else {
-        BIO_up_ref(rbio);
+        if (!BIO_up_ref(rbio))
+            return 0;
         SSL_set0_wbio(s, rbio);
     }
     return 1;
@@ -1774,7 +1777,8 @@ int SSL_set_rfd(SSL *s, int fd)
         BIO_set_fd(bio, fd, BIO_NOCLOSE);
         SSL_set0_rbio(s, bio);
     } else {
-        BIO_up_ref(wbio);
+        if (!BIO_up_ref(wbio))
+            return 0;
         SSL_set0_rbio(s, wbio);
     }