Fix static analyzer possible leak #6894

julek-wolfssl · 2023-10-19T14:58:50Z

crl would never be null there but clean up code to make sure newcrl->crlLock gets free'd

julek-wolfssl · 2023-10-23T12:25:22Z

Retest this please

bandi13 · 2023-10-23T14:15:26Z

src/crl.c

+        ret = DupX509_CRL(crl, newcrl);
+        wc_UnLockRwLock(&newcrl->crlLock);
+        if (ret != 0) {
+            FreeCRL(crl, 1);


Do you need to check crl != NULL here like the original code did?

FreeCRL should also check crl != NULL and return BAD_ARG_ERR or something. It will crash if NULL is passed.

crl will never be NULL here as its checked right after allocation. I agree that FreeCRL should be performing a check internally though.

bandi13

I have some questions that should be addressed.

Fix static analyzer possible leak

2dd8e71

crl would never be null there but clean up code to make sure newcrl->crlLock gets free'd

julek-wolfssl self-assigned this Oct 19, 2023

julek-wolfssl requested a review from bandi13 October 19, 2023 14:58

julek-wolfssl added 2 commits October 19, 2023 17:00

Add log about allocation failure

8a8acbd

Call wc_UnLockRwLock only once

cecc5f6

bwrap ocsp renew script

3c5d3c0

bandi13 reviewed Oct 23, 2023

View reviewed changes

bandi13 requested changes Oct 23, 2023

View reviewed changes

Do NULL check in FreeCRL

dc5a246

julek-wolfssl requested a review from bandi13 October 24, 2023 08:31

julek-wolfssl assigned bandi13 and unassigned julek-wolfssl Oct 24, 2023

bandi13 approved these changes Oct 24, 2023

View reviewed changes

bandi13 merged commit 5da7efa into wolfSSL:master Oct 24, 2023
102 checks passed

Provide feedback