The branch master has been updated via c42b8a6e4bced8f6ecf0a0d9a0107e6e989da0c2 (commit) via fe81a1b0515bf51983150dc7c428ed4c9fd31c7a (commit) via 08f6ae5b2896a22e1e16de3e363d1ea314700b0b (commit) from c74aea8d6ccdf07ce826a9451887739b8aa64096 (commit)
- Log ----------------------------------------------------------------- commit c42b8a6e4bced8f6ecf0a0d9a0107e6e989da0c2 Author: Matt Caswell <m...@openssl.org> Date: Wed Aug 24 11:28:58 2016 +0100 Remove some dead code from rec_layer_s3.c It is never valid to call ssl3_read_bytes with type == SSL3_RT_CHANGE_CIPHER_SPEC, and in fact we check for valid values for type near the beginning of the function. Therefore this check will never be true and can be removed. Reviewed-by: Tim Hudson <t...@openssl.org> commit fe81a1b0515bf51983150dc7c428ed4c9fd31c7a Author: Matt Caswell <m...@openssl.org> Date: Wed Aug 24 11:25:23 2016 +0100 Remove useless assignment The variable assignment c1 is never read before it is overwritten. Reviewed-by: Tim Hudson <t...@openssl.org> commit 08f6ae5b2896a22e1e16de3e363d1ea314700b0b Author: Matt Caswell <m...@openssl.org> Date: Wed Aug 24 11:22:47 2016 +0100 Fix some resource leaks in the apps Reviewed-by: Tim Hudson <t...@openssl.org> ----------------------------------------------------------------------- Summary of changes: apps/cms.c | 15 +++++++++++++++ apps/req.c | 4 ++++ apps/spkac.c | 4 +++- apps/x509.c | 4 ++++ crypto/bn/bn_mul.c | 3 +-- ssl/record/rec_layer_s3.c | 6 ------ 6 files changed, 27 insertions(+), 9 deletions(-) diff --git a/apps/cms.c b/apps/cms.c index 52186d2..9c41a97 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -412,6 +412,11 @@ int cms_main(int argc, char **argv) noout = print = 1; break; case OPT_SECRETKEY: + if (secret_key != NULL) { + /* Cannot be supplied twice */ + BIO_printf(bio_err, "Invalid key %s\n", opt_arg()); + goto opthelp; + } secret_key = OPENSSL_hexstr2buf(opt_arg(), <mp); if (secret_key == NULL) { BIO_printf(bio_err, "Invalid key %s\n", opt_arg()); @@ -420,6 +425,11 @@ int cms_main(int argc, char **argv) secret_keylen = (size_t)ltmp; break; case OPT_SECRETKEYID: + if (secret_keyid != NULL) { + /* Cannot be supplied twice */ + BIO_printf(bio_err, "Invalid id %s\n", opt_arg()); + goto opthelp; + } secret_keyid = OPENSSL_hexstr2buf(opt_arg(), <mp); if (secret_keyid == NULL) { BIO_printf(bio_err, "Invalid id %s\n", opt_arg()); @@ -431,6 +441,11 @@ int cms_main(int argc, char **argv) pwri_pass = (unsigned char *)opt_arg(); break; case OPT_ECONTENT_TYPE: + if (econtent_type != NULL) { + /* Cannot be supplied twice */ + BIO_printf(bio_err, "Invalid OID %s\n", opt_arg()); + goto opthelp; + } econtent_type = OBJ_txt2obj(opt_arg(), 0); if (econtent_type == NULL) { BIO_printf(bio_err, "Invalid OID %s\n", opt_arg()); diff --git a/apps/req.c b/apps/req.c index 2666124..fb37f7d 100644 --- a/apps/req.c +++ b/apps/req.c @@ -295,6 +295,10 @@ int req_main(int argc, char **argv) days = atoi(opt_arg()); break; case OPT_SET_SERIAL: + if (serial != NULL) { + /* Cannot be supplied twice */ + goto opthelp; + } serial = s2i_ASN1_INTEGER(NULL, opt_arg()); if (serial == NULL) goto opthelp; diff --git a/apps/spkac.c b/apps/spkac.c index b6fc46d..a365406 100644 --- a/apps/spkac.c +++ b/apps/spkac.c @@ -130,8 +130,10 @@ int spkac_main(int argc, char **argv) spkstr = NETSCAPE_SPKI_b64_encode(spki); out = bio_open_default(outfile, 'w', FORMAT_TEXT); - if (out == NULL) + if (out == NULL) { + OPENSSL_free(spkstr); goto end; + } BIO_printf(out, "SPKAC=%s\n", spkstr); OPENSSL_free(spkstr); ret = 0; diff --git a/apps/x509.c b/apps/x509.c index 05aa554..9e51012 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -261,6 +261,10 @@ int x509_main(int argc, char **argv) CAserial = opt_arg(); break; case OPT_SET_SERIAL: + if (sno != NULL) { + /* Cannot be supplied twice */ + goto opthelp; + } if ((sno = s2i_ASN1_INTEGER(NULL, opt_arg())) == NULL) goto opthelp; break; diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c index 66139ed..1ff8efe 100644 --- a/crypto/bn/bn_mul.c +++ b/crypto/bn/bn_mul.c @@ -729,9 +729,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, */ if (l != NULL) { lp = &(t[n2 + n]); - c1 = (int)(bn_add_words(lp, &(r[0]), &(l[0]), n)); + bn_add_words(lp, &(r[0]), &(l[0]), n); } else { - c1 = 0; lp = &(r[0]); } diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 52a8dcf..46870c0 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1159,12 +1159,6 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, * were actually expecting a CCS). */ - if (rr->type == SSL3_RT_HANDSHAKE && type == SSL3_RT_CHANGE_CIPHER_SPEC) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_MESSAGE); - goto f_err; - } - /* * Lets just double check that we've not got an SSLv2 record */ _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits