public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NULL checks for QUIC code

Browse source 
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643033
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643032
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643031
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643030
Fixes https://scan5.scan.coverity.com/#/project-view/62507/10222?selectedIssue=1643029

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26825)
This commit is contained in:
Andrew Dinh 2025-02-19 13:49:06 +07:00 committed by Neil Horman
parent 20ca6d4743
commit 3820f2da7c
3 changed files with 15 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
ssl/quic/quic_impl.c
View file

@ -4586,7 +4586,11 @@ SSL *ossl_quic_accept_connection(SSL *ssl, uint64_t flags)
* we just need to extract it
*/
conn_ssl = ossl_quic_channel_get0_tls(new_ch);
if (conn_ssl == NULL)
goto out;
conn_ssl = SSL_CONNECTION_GET_USER_SSL(SSL_CONNECTION_FROM_SSL(conn_ssl));
if (conn_ssl == NULL)
goto out;
qc = (QUIC_CONNECTION *)conn_ssl;
qc->listener = ctx.ql;
qc->pending = 0;

9
ssl/quic/quic_tls.c
View file

@ -770,9 +770,13 @@ int ossl_quic_tls_tick(QUIC_TLS *qtls)
if (!qtls->configured) {
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(qtls->args.s);
SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(sc);
SSL_CTX *sctx;
BIO *nullbio;
if (sc == NULL)
return RAISE_INTERNAL_ERROR(qtls);
sctx = SSL_CONNECTION_GET_CTX(sc);
/*
* No matter how the user has configured us, there are certain
* requirements for QUIC-TLS that we enforce
@ -887,6 +891,9 @@ int ossl_quic_tls_is_cert_request(QUIC_TLS *qtls)
{
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(qtls->args.s);
if (sc == NULL)
return 0;
return sc->s3.tmp.message_type == SSL3_MT_CERTIFICATE_REQUEST;
}

3
ssl/quic/quic_tls_api.c
View file

@ -179,6 +179,9 @@ int SSL_set_quic_tls_transport_params(SSL *s,
{
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
if (sc == NULL)
return 0;
if (sc->qtls == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;