]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c9cddf0)
apps: clean up the http server code
authorPauli <pauli@openssl.org>
Sun, 16 May 2021 23:26:48 +0000 (09:26 +1000)
committerPauli <pauli@openssl.org>
Tue, 18 May 2021 03:24:41 +0000 (13:24 +1000)
Clean up some of the null checking in the http server code.

This also "fixes" the false positive from coverity CID 1484883.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15300)

apps/lib/http_server.c patch | blob | blame | history

diff --git a/apps/lib/http_server.c b/apps/lib/http_server.c
index ae33632598d819bc05e70167204f6a7b536b0333..0fbf991388fb0389752ce7e849d0a1c35c05db21 100644 (file)
--- a/apps/lib/http_server.c
+++ b/apps/lib/http_server.c
@@ -433,36 +433,33 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq,
 
         key = inbuf;
         value = strchr(key, ':');
-        if (value != NULL) {
-            *(value++) = '\0';
-            while (*value == ' ')
-                value++;
-            line_end = strchr(value, '\r');
-            if (line_end == NULL)
-                line_end = strchr(value, '\n');
-            if (line_end != NULL)
-                *line_end = '\0';
-        } else {
+        if (value == NULL) {
             log_message(prog, LOG_WARNING,
                         "Error parsing HTTP header: missing ':'");
             (void)http_server_send_status(cbio, 400, "Bad Request");
             goto out;
         }
-        if (value != NULL && line_end != NULL) {
-            /* https://tools.ietf.org/html/rfc7230#section-6.3 Persistence */
-            if (found_keep_alive != NULL && strcasecmp(key, "Connection") == 0) {
-                if (strcasecmp(value, "keep-alive") == 0)
-                    *found_keep_alive = 1;
-                if (strcasecmp(value, "close") == 0)
-                    *found_keep_alive = 0;
+        *(value++) = '\0';
+        while (*value == ' ')
+            value++;
+        line_end = strchr(value, '\r');
+        if (line_end == NULL) {
+            line_end = strchr(value, '\n');
+            if (line_end == NULL) {
+                log_message(prog, LOG_WARNING,
+                            "Error parsing HTTP header: missing end of line");
+                (void)http_server_send_status(cbio, 400, "Bad Request");
+                goto out;
             }
-        } else {
-            log_message(prog, LOG_WARNING,
-                        "Error parsing HTTP header: missing end of line");
-            (void)http_server_send_status(cbio, 400, "Bad Request");
-            goto out;
         }
-
+        *line_end = '\0';
+        /* https://tools.ietf.org/html/rfc7230#section-6.3 Persistence */
+        if (found_keep_alive != NULL && strcasecmp(key, "Connection") == 0) {
+            if (strcasecmp(value, "keep-alive") == 0)
+                *found_keep_alive = 1;
+            if (strcasecmp(value, "close") == 0)
+                *found_keep_alive = 0;
+        }
     }
 
 # ifdef HTTP_DAEMON
Mirror of https://github.com/openssl/openssl.git