Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit b13f6b9

Browse files
OwenSanzasnhorman
OwenSanzas
authored and
nhorman
committed
Refactor do_evp_cipher error paths to use goto err
Initialize key, iv, and ctx to NULL at declaration and consolidate all cleanup into a single err label, as suggested by @npajkovsky. Reviewed-by: Neil Horman <[email protected]> Reviewed-by: Kurt Roeckx <[email protected]> MergeDate: Wed Mar 11 20:58:47 2026 (Merged from #30331)
1 parent 94e563f commit b13f6b9

1 file changed

Lines changed: 20 additions & 38 deletions

File tree

fuzz/provider.c

Lines changed: 20 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -465,9 +465,9 @@ static int do_evp_cipher(const EVP_CIPHER *evp_cipher, const OSSL_PARAM param[])
465465
int outlen, tmplen;
466466
int key_len = EVP_CIPHER_get_key_length(evp_cipher);
467467
int iv_len = EVP_CIPHER_get_iv_length(evp_cipher);
468-
unsigned char *key, *iv;
468+
unsigned char *key = NULL, *iv = NULL;
469469
const char intext[] = "text";
470-
EVP_CIPHER_CTX *ctx;
470+
EVP_CIPHER_CTX *ctx = NULL;
471471
int i;
472472

473473
if (key_len <= 0)
@@ -477,62 +477,44 @@ static int do_evp_cipher(const EVP_CIPHER *evp_cipher, const OSSL_PARAM param[])
477477

478478
key = OPENSSL_zalloc(key_len);
479479
iv = OPENSSL_zalloc(iv_len);
480-
if (key == NULL || iv == NULL) {
481-
OPENSSL_free(key);
482-
OPENSSL_free(iv);
483-
return 0;
484-
}
480+
if (key == NULL || iv == NULL)
481+
goto err;
485482
for (i = 0; i < key_len && i < 16; i++)
486483
key[i] = (unsigned char)i;
487484
for (i = 0; i < iv_len && i < 8; i++)
488485
iv[i] = (unsigned char)(i + 1);
489486

490487
ctx = EVP_CIPHER_CTX_new();
491-
if (ctx == NULL) {
492-
OPENSSL_free(key);
493-
OPENSSL_free(iv);
494-
return 0;
495-
}
488+
if (ctx == NULL)
489+
goto err;
496490

497491
/* Initialize cipher before setting params so ctx has an algorithm */
498-
if (!EVP_EncryptInit_ex2(ctx, evp_cipher, key, iv, NULL)) {
499-
EVP_CIPHER_CTX_free(ctx);
500-
OPENSSL_free(key);
501-
OPENSSL_free(iv);
502-
return 0;
503-
}
492+
if (!EVP_EncryptInit_ex2(ctx, evp_cipher, key, iv, NULL))
493+
goto err;
504494

505-
if (!EVP_CIPHER_CTX_set_params(ctx, param)) {
506-
EVP_CIPHER_CTX_free(ctx);
507-
OPENSSL_free(key);
508-
OPENSSL_free(iv);
509-
return 0;
510-
}
495+
if (!EVP_CIPHER_CTX_set_params(ctx, param))
496+
goto err;
511497

512498
if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, (const unsigned char *)intext,
513-
(int)strlen(intext))) {
514-
/* Error */
515-
EVP_CIPHER_CTX_free(ctx);
516-
OPENSSL_free(key);
517-
OPENSSL_free(iv);
518-
return 0;
519-
}
499+
(int)strlen(intext)))
500+
goto err;
520501
/*
521502
* Buffer passed to EVP_EncryptFinal() must be after data just
522503
* encrypted to avoid overwriting it.
523504
*/
524-
if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen)) {
525-
/* Error */
526-
EVP_CIPHER_CTX_free(ctx);
527-
OPENSSL_free(key);
528-
OPENSSL_free(iv);
529-
return 0;
530-
}
505+
if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen))
506+
goto err;
531507
outlen += tmplen;
532508
EVP_CIPHER_CTX_free(ctx);
533509
OPENSSL_free(key);
534510
OPENSSL_free(iv);
535511
return 1;
512+
513+
err:
514+
EVP_CIPHER_CTX_free(ctx);
515+
OPENSSL_free(key);
516+
OPENSSL_free(iv);
517+
return 0;
536518
}
537519

538520
static int do_evp_kdf(EVP_KDF *evp_kdf, const OSSL_PARAM params[])

0 commit comments

Comments
 (0)