diff --git a/library/pem.c b/library/pem.c index 2775ef90f..3dd3b7980 100644 --- a/library/pem.c +++ b/library/pem.c @@ -370,11 +370,8 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, void pem_free( pem_context *ctx ) { - if( ctx->buf ) - polarssl_free( ctx->buf ); - - if( ctx->info ) - polarssl_free( ctx->info ); + polarssl_free( ctx->buf ); + polarssl_free( ctx->info ); memset( ctx, 0, sizeof( pem_context ) ); } diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 9e49b9a5f..836b68511 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -321,8 +321,7 @@ void ssl_cache_free( ssl_cache_context *cache ) ssl_session_free( &prv->session ); #if defined(POLARSSL_X509_CRT_PARSE_C) - if( prv->peer_cert.p != NULL ) - polarssl_free( prv->peer_cert.p ); + polarssl_free( prv->peer_cert.p ); #endif /* POLARSSL_X509_CRT_PARSE_C */ polarssl_free( prv ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 515289510..53b317975 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -691,7 +691,7 @@ static int ssl_parse_session_ticket_ext( ssl_context *ssl, static int ssl_parse_alpn_ext( ssl_context *ssl, unsigned char *buf, size_t len ) { - size_t list_len, cur_len; + size_t list_len, cur_len, ours_len; const unsigned char *theirs, *start, *end; const char **ours; @@ -722,6 +722,7 @@ static int ssl_parse_alpn_ext( ssl_context *ssl, end = buf + len; for( ours = ssl->alpn_list; *ours != NULL; ours++ ) { + ours_len = strlen( *ours ); for( theirs = start; theirs != end; theirs += cur_len ) { /* If the list is well formed, we should get equality first */ @@ -734,7 +735,7 @@ static int ssl_parse_alpn_ext( ssl_context *ssl, if( cur_len == 0 ) return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); - if( cur_len == strlen( *ours ) && + if( cur_len == ours_len && memcmp( theirs, *ours, cur_len ) == 0 ) { ssl->alpn_chosen = *ours; diff --git a/library/x509_crt.c b/library/x509_crt.c index 79460682a..54e76db62 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1550,12 +1550,12 @@ static int x509_name_cmp( const void *s1, const void *s2, size_t len ) static int x509_wildcard_verify( const char *cn, x509_buf *name ) { size_t i; - size_t cn_idx = 0; + size_t cn_idx = 0, cn_len = strlen( cn ); if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' ) return( 0 ); - for( i = 0; i < strlen( cn ); ++i ) + for( i = 0; i < cn_len; ++i ) { if( cn[i] == '.' ) { @@ -1567,7 +1567,7 @@ static int x509_wildcard_verify( const char *cn, x509_buf *name ) if( cn_idx == 0 ) return( 0 ); - if( strlen( cn ) - cn_idx == name->len - 1 && + if( cn_len - cn_idx == name->len - 1 && x509_name_cmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 ) { return( 1 );