From cef71ebb5c757bafd15926dd6f6f2a2779b9d71a Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Mon, 17 May 2021 09:26:48 +1000
Subject: [PATCH] apps: clean up the http server code

Clean up some of the null checking in the http server code.

This also "fixes" the false positive from coverity CID 1484883.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15300)
---
 apps/lib/http_server.c | 43 ++++++++++++++++++++----------------------
 1 file changed, 20 insertions(+), 23 deletions(-)

diff --git a/apps/lib/http_server.c b/apps/lib/http_server.c
index ae33632598d..0fbf991388f 100644
--- a/apps/lib/http_server.c
+++ b/apps/lib/http_server.c
@@ -433,36 +433,33 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq,
 
         key = inbuf;
         value = strchr(key, ':');
-        if (value != NULL) {
-            *(value++) = '\0';
-            while (*value == ' ')
-                value++;
-            line_end = strchr(value, '\r');
-            if (line_end == NULL)
-                line_end = strchr(value, '\n');
-            if (line_end != NULL)
-                *line_end = '\0';
-        } else {
+        if (value == NULL) {
             log_message(prog, LOG_WARNING,
                         "Error parsing HTTP header: missing ':'");
             (void)http_server_send_status(cbio, 400, "Bad Request");
             goto out;
         }
-        if (value != NULL && line_end != NULL) {
-            /* https://tools.ietf.org/html/rfc7230#section-6.3 Persistence */
-            if (found_keep_alive != NULL && strcasecmp(key, "Connection") == 0) {
-                if (strcasecmp(value, "keep-alive") == 0)
-                    *found_keep_alive = 1;
-                if (strcasecmp(value, "close") == 0)
-                    *found_keep_alive = 0;
+        *(value++) = '\0';
+        while (*value == ' ')
+            value++;
+        line_end = strchr(value, '\r');
+        if (line_end == NULL) {
+            line_end = strchr(value, '\n');
+            if (line_end == NULL) {
+                log_message(prog, LOG_WARNING,
+                            "Error parsing HTTP header: missing end of line");
+                (void)http_server_send_status(cbio, 400, "Bad Request");
+                goto out;
             }
-        } else {
-            log_message(prog, LOG_WARNING,
-                        "Error parsing HTTP header: missing end of line");
-            (void)http_server_send_status(cbio, 400, "Bad Request");
-            goto out;
         }
-
+        *line_end = '\0';
+        /* https://tools.ietf.org/html/rfc7230#section-6.3 Persistence */
+        if (found_keep_alive != NULL && strcasecmp(key, "Connection") == 0) {
+            if (strcasecmp(value, "keep-alive") == 0)
+                *found_keep_alive = 1;
+            if (strcasecmp(value, "close") == 0)
+                *found_keep_alive = 0;
+        }
     }
 
 # ifdef HTTP_DAEMON
-- 
2.47.3