Add NULL checks from master

The big "don't check for NULL" cleanup requires backporting some
of the lowest-level functions to actually do nothing if NULL is
given.  This will make it easier to backport fixes to release
branches, where master assumes those lower-level functions are "safe"

This commit addresses those tickets: 3798 3799 3801.

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit f34b095fab1569d093b639bfcc9a77d6020148ff)

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index a910636f823d03902c403d80a050d96ba86a5b98..8415d1d8b353213173d7a0bad5778a2355b9c7f0 100644 (file)
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -216,6 +216,8 @@ X509_STORE *X509_STORE_new(void)
 
 static void cleanup(X509_OBJECT *a)
 {
+    if (!a)
+        return;
     if (a->type == X509_LU_X509) {
         X509_free(a->data.x509);
     } else if (a->type == X509_LU_CRL) {

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 136bfbda617a1d5540c76bd3508a0c686744006f..559b5cdeb5cf53beacf725cd738196ad3a0e8376 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1921,6 +1921,8 @@ X509_STORE_CTX *X509_STORE_CTX_new(void)
 
 void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
 {
+    if (!ctx)
+        return;
     X509_STORE_CTX_cleanup(ctx);
     OPENSSL_free(ctx);
 }