From: Andrew Dinh <andrewd@openssl.org>
Date: Thu, 20 Feb 2025 07:24:21 +0000 (+0700)
Subject: Coverity fixes
X-Git-Tag: openssl-3.5.0-alpha1~92
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cec0659fa4f43d3be6c006be100378589a32b033;p=thirdparty%2Fopenssl.git

Coverity fixes

Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643042
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643047
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643089
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643091
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643095

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26845)
---

diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index ce5d6b30e84..ad0c2ffef20 100644
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -853,8 +853,10 @@ static int marshal_validation_token(QUIC_VALIDATION_TOKEN *token,
     BUF_MEM *buf_mem = BUF_MEM_new();
 
     if (buffer == NULL || buf_mem == NULL
-        || (token->is_retry != 0 && token->is_retry != 1))
+        || (token->is_retry != 0 && token->is_retry != 1)) {
+        BUF_MEM_free(buf_mem);
         return 0;
+    }
 
     if (!WPACKET_init(&wpkt, buf_mem)
         || !WPACKET_memset(&wpkt, token->is_retry, 1)
diff --git a/ssl/rio/poll_immediate.c b/ssl/rio/poll_immediate.c
index fb18e9e5fea..38afaf51572 100644
--- a/ssl/rio/poll_immediate.c
+++ b/ssl/rio/poll_immediate.c
@@ -91,10 +91,10 @@ static int poll_translate_ssl_quic(SSL *ssl,
 
     if (fd2 == fd1) {
         fd2 = -1;
-        fd1_w = fd1_w || fd2_w;
+        fd1_w = fd2_w;
     }
 
-    if (fd1 != -1 && (fd1_r || fd1_w))
+    if (fd1 != -1)
         if (!ossl_rio_poll_builder_add_fd(rpb, fd1, fd1_r, fd1_w))
             return 0;
 
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 28bac483b82..74246c71b3d 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1583,8 +1583,10 @@ void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
      * If the two arguments are equal then one fewer reference is granted by the
      * caller than we want to take
      */
-    if (rbio != NULL && rbio == wbio)
-        BIO_up_ref(rbio);
+    if (rbio != NULL && rbio == wbio) {
+        if (!BIO_up_ref(rbio))
+            return;
+    }
 
     /*
      * If only the wbio is changed only adopt one reference.
@@ -1747,7 +1749,8 @@ int SSL_set_wfd(SSL *s, int fd)
         ktls_enable(fd);
 #endif /* OPENSSL_NO_KTLS */
     } else {
-        BIO_up_ref(rbio);
+        if (!BIO_up_ref(rbio))
+            return 0;
         SSL_set0_wbio(s, rbio);
     }
     return 1;
@@ -1774,7 +1777,8 @@ int SSL_set_rfd(SSL *s, int fd)
         BIO_set_fd(bio, fd, BIO_NOCLOSE);
         SSL_set0_rbio(s, bio);
     } else {
-        BIO_up_ref(wbio);
+        if (!BIO_up_ref(wbio))
+            return 0;
         SSL_set0_rbio(s, wbio);
     }