From: Andrew Dinh Date: Thu, 20 Feb 2025 05:24:00 +0000 (+0700) Subject: Various NULL checks X-Git-Tag: openssl-3.5.0-alpha1~112 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=704c3d3cd28efa8106bd85b354de1a03d68d9469;p=thirdparty%2Fopenssl.git Various NULL checks Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643035 Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643039 Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643041 Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643044 Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643045 Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643046 Reviewed-by: Neil Horman Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/26840)
---
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index b1088027345..c00cc7305cd 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -999,15 +999,17 @@ static uint64_t quic_mask_or_options(SSL *ssl, uint64_t mask_value, uint64_t or_
 & OSSL_QUIC_PERMITTED_OPTIONS;
 }
+ ret = ctx.qc->default_ssl_options;
 if (ctx.xso != NULL) {
 ctx.xso->ssl_options = ((ctx.xso->ssl_options & ~mask_value) | or_value) & OSSL_QUIC_PERMITTED_OPTIONS_STREAM;
 xso_update_options(ctx.xso);
- }
- ret = ctx.is_stream ? ctx.xso->ssl_options : ctx.qc->default_ssl_options;
+ if (ctx.is_stream)
+ ret = ctx.xso->ssl_options;
+ }
 qctx_unlock(&ctx);
 return ret;
diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index a56d119a12c..ce5d6b30e84 100644
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -593,6 +593,7 @@ void ossl_quic_port_drop_incoming(QUIC_PORT *port)
 QUIC_CHANNEL *ch;
 SSL *tls;
 SSL *user_ssl;
+ SSL_CONNECTION *sc;
 for (;;) {
 ch = ossl_quic_port_pop_incoming(port);
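Review bot: In quic_mask_or_options (ssl/quic/quic_impl.c), a call where `ctx.is_stream` is set but `ctx.xso` is NULL now returns `ctx.qc->default_ssl_options` without touching any stream options, and nothing in the new lines says that this is intended. A caller that compares the returned mask with what it asked for cannot tell from the value that it is looking at connection defaults rather than the stream's options. I would add a comment above the new `ret = ctx.qc->default_ssl_options;`, for example `/* Fall back to the connection defaults when there is no stream object; ret is replaced below only for a stream with an XSO. */`. The function starts above the hunk, so whether that combination can actually occur depends on how ctx was set up earlier.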
@@ -608,7 +609,11 @@ void ossl_quic_port_drop_incoming(QUIC_PORT *port)
 * which sends us through ossl_quic_free, which then drops the actual
 * ch->tls ref and frees the channel
 */
- user_ssl = SSL_CONNECTION_GET_USER_SSL(SSL_CONNECTION_FROM_SSL(tls));
+ sc = SSL_CONNECTION_FROM_SSL(tls);
+ if (sc == NULL)
+ break;
+
+ user_ssl = SSL_CONNECTION_GET_USER_SSL(sc);
 if (user_ssl == tls) {
 ossl_quic_channel_free(ch);
 SSL_free(tls);
diff --git a/ssl/quic/quic_tls.c b/ssl/quic/quic_tls.c
index 546d09d46b4..ef0e3a3d553 100644
--- a/ssl/quic/quic_tls.c
+++ b/ssl/quic/quic_tls.c
@@ -712,7 +712,7 @@ int ossl_quic_tls_configure(QUIC_TLS *qtls)
 {
 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(qtls->args.s);
- if (!SSL_set_min_proto_version(qtls->args.s, TLS1_3_VERSION))
+ if (sc == NULL || !SSL_set_min_proto_version(qtls->args.s, TLS1_3_VERSION))
 return RAISE_INTERNAL_ERROR(qtls);
 SSL_clear_options(qtls->args.s, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
diff --git a/ssl/ssl_cert_comp.c b/ssl/ssl_cert_comp.c
index 010e03a702d..e5950dc08ac 100644
--- a/ssl/ssl_cert_comp.c
+++ b/ssl/ssl_cert_comp.c
@@ -414,6 +414,9 @@ size_t SSL_get1_compressed_cert(SSL *ssl, int alg, unsigned char **data, size_t
 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl);
 CERT_PKEY *cpk = NULL;
+ if (sc == NULL)
+ return 0;
+
 if (sc->cert != NULL)
 cpk = sc->cert->key;
 else
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5d01b1d3941..28bac483b82 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -8267,7 +8267,7 @@ int SSL_get0_client_cert_type(const SSL *s, unsigned char **t, size_t *len)
 {
 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
- if (t == NULL || len == NULL)
+ if (t == NULL || len == NULL || sc == NULL)
 return 0;
 *t = sc->client_cert_type;
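Review bot: In the second ossl_quic_port_drop_incoming hunk (ssl/quic/quic_port.c), the new `if (sc == NULL) break;` leaves the loop with `ch` already taken off the incoming queue and neither `ch` nor `tls` released, and it also stops draining whatever is still queued. Both release calls visible in this hunk, `ossl_quic_channel_free(ch)` and `SSL_free(tls)`, sit after the new check, so this path skips them. If sc can really be NULL here, releasing the channel and carrying on looks safer, e.g. `if (sc == NULL) { ossl_quic_channel_free(ch); continue; }`; whether `tls` also needs freeing on that path depends on ownership rules that are outside the hunk. The loop header and the pop are in the previous hunk, and the end of the loop body is not shown.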
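Review bot: The `return 0;` added to SSL_get1_compressed_cert (ssl/ssl_cert_comp.c) exits before anything is written through `data`, so a caller that frees `*data` without checking the return value would act on whatever the pointer held before the call. The hunk does not show whether the function's other failure paths clear the outputs or whether `data` may be NULL; if they do clear them, this path should match, and otherwise a comment stating that the outputs are untouched on a 0 return would help. The same applies to the `sc == NULL` term added in SSL_get0_client_cert_type and SSL_get0_server_cert_type (ssl/ssl_lib.c): there the argument check could stay as it was, and a separate `if (sc == NULL) { *t = NULL; *len = 0; return 0; }` placed after it would leave callers with defined values.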
@@ -8279,7 +8279,7 @@ int SSL_get0_server_cert_type(const SSL *s, unsigned char **t, size_t *len)
 {
 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
- if (t == NULL || len == NULL)
+ if (t == NULL || len == NULL || sc == NULL)
 return 0;
 *t = sc->server_cert_type;