From: Dr. David von Oheimb Date: Mon, 26 Apr 2021 12:57:05 +0000 (+0200) Subject: OSSL_STORE_expect(): Improve error handling and documentation X-Git-Tag: openssl-3.0.0-alpha16~39 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6e328484ab17f671134077962ce1aa392e512423;p=thirdparty%2Fopenssl.git OSSL_STORE_expect(): Improve error handling and documentation Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15029) --- diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 1a62d7f6ff5..2c7c9f32267 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -241,6 +241,11 @@ int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type) { int ret = 1; + if (ctx == NULL + || expected_type < 0 || expected_type > OSSL_STORE_INFO_CRL) { + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_INVALID_ARGUMENT); + return 0; + } if (ctx->loading) { ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADING_STARTED); return 0; diff --git a/doc/man3/OSSL_STORE_expect.pod b/doc/man3/OSSL_STORE_expect.pod index ac414e97018..8b79f353373 100644 --- a/doc/man3/OSSL_STORE_expect.pod +++ b/doc/man3/OSSL_STORE_expect.pod @@ -21,11 +21,13 @@ OSSL_STORE_find OSSL_STORE_expect() helps applications filter what OSSL_STORE_load() returns by specifying a B type. -For example, if C contains several different objects -and only the certificates are interesting, the application can simply say +By default, no expectations on the types of objects to be loaded are made. +I may be 0 to indicate explicitly that no expectation is made, +or it may be any of the known object types (see +L) except for B. +For example, if C contains several objects of different +type and only certificates are interesting, the application can simply say that it expects the type B. -All known object types (see L) -except for B are supported. OSSL_STORE_find() helps applications specify a criterion for a more fine grained search of objects.