Bug Summary

File:s/lib/libpkix/pkix/checker/pkix_ekuchecker.c
Warning:line 307, column 9
Access to field 'ekuOID' results in a dereference of a null pointer (loaded from variable 'state')

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name pkix_ekuchecker.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/lib/libpkix/pkix/checker -ffunction-sections -fdata-sections -fcoverage-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/lib/libpkix/pkix/checker -resource-dir /usr/lib/llvm-18/lib/clang/18 -D HAVE_STRERROR -D LINUX -D linux -D XP_UNIX -D XP_UNIX -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D NSS_DISABLE_SSE3 -D NSS_NO_INIT_SUPPORT -D USE_UTIL_DIRECTLY -D NO_NSPR_10_SUPPORT -D SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES -I ../../../../../dist/Linux4.19_x86_64_gcc_glibc_PTH_64_DBG.OBJ/include -I ../../../../../dist/public/nss -I ../../../../../dist/private/nss -internal-isystem /usr/lib/llvm-18/lib/clang/18/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -std=c99 -ferror-limit 19 -fgnuc-version=4.2.1 -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2024-05-18-082241-28900-1 -x c pkix_ekuchecker.c
1/* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4/*
5 * pkix_ekuchecker.c
6 *
7 * User Defined ExtenedKeyUsage Function Definitions
8 *
9 */
10
11#include "pkix_ekuchecker.h"
12
13SECOidTag ekuOidStrings[] = {
14 PKIX_KEY_USAGE_SERVER_AUTH_OIDSEC_OID_EXT_KEY_USAGE_SERVER_AUTH,
15 PKIX_KEY_USAGE_CLIENT_AUTH_OIDSEC_OID_EXT_KEY_USAGE_CLIENT_AUTH,
16 PKIX_KEY_USAGE_CODE_SIGN_OIDSEC_OID_EXT_KEY_USAGE_CODE_SIGN,
17 PKIX_KEY_USAGE_EMAIL_PROTECT_OIDSEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT,
18 PKIX_KEY_USAGE_TIME_STAMP_OIDSEC_OID_EXT_KEY_USAGE_TIME_STAMP,
19 PKIX_KEY_USAGE_OCSP_RESPONDER_OIDSEC_OID_OCSP_RESPONDER,
20 PKIX_UNKNOWN_OIDSEC_OID_UNKNOWN
21};
22
23typedef struct pkix_EkuCheckerStruct {
24 PKIX_List *requiredExtKeyUsageOids;
25 PKIX_PL_OID *ekuOID;
26} pkix_EkuChecker;
27
28
29/*
30 * FUNCTION: pkix_EkuChecker_Destroy
31 * (see comments for PKIX_DestructorCallback in pkix_pl_system.h)
32 */
33static PKIX_Error *
34pkix_EkuChecker_Destroy(
35 PKIX_PL_Object *object,
36 void *plContext)
37{
38 pkix_EkuChecker *ekuCheckerState = NULL((void*)0);
39
40 PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Destroy")static const char cMyFuncName[] = {"pkix_EkuChecker_Destroy"}
; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
41 PKIX_NULLCHECK_ONE(object)do { if ((object) == ((void*)0)){ stdVars.aPkixErrorReceived =
((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT
; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean
) 1), plContext);; } } while (0);
42
43 PKIX_CHECK(pkix_CheckType(object, PKIX_EKUCHECKER_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType(object, PKIX_EKUCHECKER_TYPE
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_OBJECTNOTANEKUCHECKERSTATE; goto cleanup; } } while (
0)
44 PKIX_OBJECTNOTANEKUCHECKERSTATE)do { stdVars.aPkixErrorResult = (pkix_CheckType(object, PKIX_EKUCHECKER_TYPE
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_OBJECTNOTANEKUCHECKERSTATE; goto cleanup; } } while (
0);
45
46 ekuCheckerState = (pkix_EkuChecker *)object;
47
48 PKIX_DECREF(ekuCheckerState->ekuOID)do { if (ekuCheckerState->ekuOID){ stdVars.aPkixTempResult
= PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(ekuCheckerState->
ekuOID), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError
(&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult
= ((void*)0); } ekuCheckerState->ekuOID = ((void*)0); } }
while (0);
49 PKIX_DECREF(ekuCheckerState->requiredExtKeyUsageOids)do { if (ekuCheckerState->requiredExtKeyUsageOids){ stdVars
.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(
ekuCheckerState->requiredExtKeyUsageOids), plContext); if (
stdVars.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars
.aPkixTempResult, plContext); stdVars.aPkixTempResult = ((void
*)0); } ekuCheckerState->requiredExtKeyUsageOids = ((void*
)0); } } while (0);
50
51cleanup:
52
53 PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), (
(PKIX_Boolean) 1), plContext);;
54}
55
56/*
57 * FUNCTION: pkix_EkuChecker_RegisterSelf
58 *
59 * DESCRIPTION:
60 * Registers PKIX_PL_HTTPCERTSTORECONTEXT_TYPE and its related
61 * functions with systemClasses[]
62 *
63 * THREAD SAFETY:
64 * Not Thread Safe - for performance and complexity reasons
65 *
66 * Since this function is only called by PKIX_PL_Initialize, which should
67 * only be called once, it is acceptable that this function is not
68 * thread-safe.
69 */
70PKIX_Error *
71pkix_EkuChecker_RegisterSelf(void *plContext)
72{
73 extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
74 pkix_ClassTable_Entry *entry = &systemClasses[PKIX_EKUCHECKER_TYPE];
75
76 PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_RegisterSelf")static const char cMyFuncName[] = {"pkix_EkuChecker_RegisterSelf"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
77
78 entry->description = "EkuChecker";
79 entry->typeObjectSize = sizeof(pkix_EkuChecker);
80 entry->destructor = pkix_EkuChecker_Destroy;
81
82 PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), (
(PKIX_Boolean) 1), plContext);;
83}
84
85/*
86 * FUNCTION: pkix_EkuChecker_Create
87 * DESCRIPTION:
88 *
89 * Creates a new Extend Key Usage CheckerState using "params" to retrieve
90 * application specified EKU for verification and stores it at "pState".
91 *
92 * PARAMETERS:
93 * "params"
94 * a PKIX_ProcessingParams links to PKIX_ComCertSelParams where a list of
95 * Extended Key Usage OIDs specified by application can be retrieved for
96 * verification.
97 * "pState"
98 * Address where state pointer will be stored. Must be non-NULL.
99 * "plContext"
100 * Platform-specific context pointer.
101 * THREAD SAFETY:
102 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
103 * RETURNS:
104 * Returns NULL if the function succeeds.
105 * Returns a UserDefinedModules Error if the function fails in a
106 * non-fatal way.
107 * Returns a Fatal Error if the function fails in an unrecoverable way.
108 */
109static PKIX_Error *
110pkix_EkuChecker_Create(
111 PKIX_ProcessingParams *params,
112 pkix_EkuChecker **pState,
113 void *plContext)
114{
115 pkix_EkuChecker *state = NULL((void*)0);
116 PKIX_CertSelector *certSelector = NULL((void*)0);
117 PKIX_ComCertSelParams *comCertSelParams = NULL((void*)0);
118 PKIX_List *requiredOids = NULL((void*)0);
119
120 PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Create")static const char cMyFuncName[] = {"pkix_EkuChecker_Create"};
PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
9
Taking false branch
121 PKIX_NULLCHECK_TWO(params, pState)do { if (((params) == ((void*)0)) || ((pState) == ((void*)0))
){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode
= PKIX_NULLARGUMENT; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR
), ((PKIX_Boolean) 1), plContext);; } } while (0);
10
Loop condition is false. Exiting loop
11
Taking false branch
12
Loop condition is false. Exiting loop
122
123 PKIX_CHECK(PKIX_PL_Object_Allocdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE
, sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } }
while (0)
13
Assuming field 'aPkixErrorResult' is non-null
14
Taking true branch
15
Control jumps to line 163
124 (PKIX_EKUCHECKER_TYPE,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE
, sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } }
while (0)
125 sizeof (pkix_EkuChecker),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE
, sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } }
while (0)
126 (PKIX_PL_Object **)&state,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE
, sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } }
while (0)
127 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE
, sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } }
while (0)
128 PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_EKUCHECKER_TYPE
, sizeof (pkix_EkuChecker), (PKIX_PL_Object **)&state, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT; goto cleanup; } }
while (0);
129
130
131 PKIX_CHECK(PKIX_ProcessingParams_GetTargetCertConstraintsdo { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetTargetCertConstraints
(params, &certSelector, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED
; goto cleanup; } } while (0)
132 (params, &certSelector, plContext),do { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetTargetCertConstraints
(params, &certSelector, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED
; goto cleanup; } } while (0)
133 PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED)do { stdVars.aPkixErrorResult = (PKIX_ProcessingParams_GetTargetCertConstraints
(params, &certSelector, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED
; goto cleanup; } } while (0);
134
135 if (certSelector != NULL((void*)0)) {
136
137 /* Get initial EKU OIDs from ComCertSelParams, if set */
138 PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParamsdo { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams
(certSelector, &comCertSelParams, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED
; goto cleanup; } } while (0)
139 (certSelector, &comCertSelParams, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams
(certSelector, &comCertSelParams, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED
; goto cleanup; } } while (0)
140 PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams
(certSelector, &comCertSelParams, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED
; goto cleanup; } } while (0);
141
142 if (comCertSelParams != NULL((void*)0)) {
143 PKIX_CHECK(PKIX_ComCertSelParams_GetExtendedKeyUsagedo { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetExtendedKeyUsage
(comCertSelParams, &requiredOids, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED
; goto cleanup; } } while (0)
144 (comCertSelParams, &requiredOids, plContext),do { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetExtendedKeyUsage
(comCertSelParams, &requiredOids, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED
; goto cleanup; } } while (0)
145 PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED)do { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetExtendedKeyUsage
(comCertSelParams, &requiredOids, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED
; goto cleanup; } } while (0);
146
147 }
148 }
149
150 PKIX_CHECK(PKIX_PL_OID_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE
, &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup
; } } while (0)
151 (PKIX_EXTENDEDKEYUSAGE_OID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE
, &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup
; } } while (0)
152 &state->ekuOID,do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE
, &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup
; } } while (0)
153 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE
, &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup
; } } while (0)
154 PKIX_OIDCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_OID_Create (SEC_OID_X509_EXT_KEY_USAGE
, &state->ekuOID, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_OIDCREATEFAILED; goto cleanup
; } } while (0);
155
156 state->requiredExtKeyUsageOids = requiredOids;
157 requiredOids = NULL((void*)0);
158 *pState = state;
159 state = NULL((void*)0);
160
161cleanup:
162
163 PKIX_DECREF(certSelector)do { if (certSelector){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(certSelector), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } certSelector = ((void
*)0); } } while (0);
16
Taking false branch
17
Loop condition is false. Exiting loop
164 PKIX_DECREF(comCertSelParams)do { if (comCertSelParams){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(comCertSelParams), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } comCertSelParams
= ((void*)0); } } while (0);
18
Taking false branch
19
Loop condition is false. Exiting loop
165 PKIX_DECREF(requiredOids)do { if (requiredOids){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(requiredOids), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } requiredOids = ((void
*)0); } } while (0);
20
Taking false branch
21
Loop condition is false. Exiting loop
166 PKIX_DECREF(state)do { if (state){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(state), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } state = ((void*)0)
; } } while (0);
22
Assuming 'state' is null
23
Taking false branch
24
Loop condition is false. Exiting loop
167
168 PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), (
(PKIX_Boolean) 1), plContext);;
25
Returning without writing to '*pState'
26
Returning pointer, which participates in a condition later
169}
170
171/*
172 * FUNCTION: pkix_EkuChecker_Check
173 * DESCRIPTION:
174 *
175 * This function determines the Extended Key Usage OIDs specified by the
176 * application is included in the Extended Key Usage OIDs of this "cert".
177 *
178 * PARAMETERS:
179 * "checker"
180 * Address of CertChainChecker which has the state data.
181 * Must be non-NULL.
182 * "cert"
183 * Address of Certificate that is to be validated. Must be non-NULL.
184 * "unresolvedCriticalExtensions"
185 * A List OIDs. The OID for Extended Key Usage is removed.
186 * "plContext"
187 * Platform-specific context pointer.
188 * THREAD SAFETY:
189 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
190 * RETURNS:
191 * Returns NULL if the function succeeds.
192 * Returns a UserDefinedModules Error if the function fails in
193 * a non-fatal way.
194 * Returns a Fatal Error if the function fails in an unrecoverable way.
195 */
196static PKIX_Error *
197pkix_EkuChecker_Check(
198 PKIX_CertChainChecker *checker,
199 PKIX_PL_Cert *cert,
200 PKIX_List *unresolvedCriticalExtensions,
201 void **pNBIOContext,
202 void *plContext)
203{
204 pkix_EkuChecker *state = NULL((void*)0);
205 PKIX_List *requiredExtKeyUsageList = NULL((void*)0);
206 PKIX_List *certExtKeyUsageList = NULL((void*)0);
207 PKIX_PL_OID *ekuOid = NULL((void*)0);
208 PKIX_Boolean isContained = PKIX_FALSE((PKIX_Boolean) 0);
209 PKIX_UInt32 numItems = 0;
210 PKIX_UInt32 i;
211 PKIX_Boolean checkResult = PKIX_TRUE((PKIX_Boolean) 1);
212
213 PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Check")static const char cMyFuncName[] = {"pkix_EkuChecker_Check"}; PKIX_StdVars
stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName; stdVars
.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
214 PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext)do { if (((checker) == ((void*)0)) || ((cert) == ((void*)0)) ||
((pNBIOContext) == ((void*)0))){ stdVars.aPkixErrorReceived =
((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT
; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean
) 1), plContext);; } } while (0);
215
216 *pNBIOContext = NULL((void*)0); /* no non-blocking IO */
217
218 PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState
(checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED
; goto cleanup; } } while (0)
219 PKIX_CertChainChecker_GetCertChainCheckerStatedo { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState
(checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED
; goto cleanup; } } while (0)
220 (checker, (PKIX_PL_Object **)&state, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState
(checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED
; goto cleanup; } } while (0)
221 PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_GetCertChainCheckerState
(checker, (PKIX_PL_Object **)&state, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED
; goto cleanup; } } while (0);
222
223 requiredExtKeyUsageList = state->requiredExtKeyUsageOids;
224 if (requiredExtKeyUsageList == NULL((void*)0)) {
225 goto cleanup;
226 }
227
228 PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(requiredExtKeyUsageList
, &numItems, plContext)); if (stdVars.aPkixErrorResult) {
stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup
; } } while (0)
229 PKIX_List_GetLength(requiredExtKeyUsageList, &numItems,do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(requiredExtKeyUsageList
, &numItems, plContext)); if (stdVars.aPkixErrorResult) {
stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup
; } } while (0)
230 plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(requiredExtKeyUsageList
, &numItems, plContext)); if (stdVars.aPkixErrorResult) {
stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup
; } } while (0)
231 PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength(requiredExtKeyUsageList
, &numItems, plContext)); if (stdVars.aPkixErrorResult) {
stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup
; } } while (0);
232 if (numItems == 0) {
233 goto cleanup;
234 }
235
236 PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetExtendedKeyUsage
(cert, &certExtKeyUsageList, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_CERTGETEXTENDEDKEYUSAGEFAILED
; goto cleanup; } } while (0)
237 PKIX_PL_Cert_GetExtendedKeyUsage(cert, &certExtKeyUsageList,do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetExtendedKeyUsage
(cert, &certExtKeyUsageList, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_CERTGETEXTENDEDKEYUSAGEFAILED
; goto cleanup; } } while (0)
238 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetExtendedKeyUsage
(cert, &certExtKeyUsageList, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_CERTGETEXTENDEDKEYUSAGEFAILED
; goto cleanup; } } while (0)
239 PKIX_CERTGETEXTENDEDKEYUSAGEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetExtendedKeyUsage
(cert, &certExtKeyUsageList, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_CERTGETEXTENDEDKEYUSAGEFAILED
; goto cleanup; } } while (0);
240
241 if (certExtKeyUsageList == NULL((void*)0)) {
242 goto cleanup;
243 }
244
245 for (i = 0; i < numItems; i++) {
246
247 PKIX_CHECK(do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(requiredExtKeyUsageList
, i, (PKIX_PL_Object **)&ekuOid, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0)
248 PKIX_List_GetItem(requiredExtKeyUsageList, i,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(requiredExtKeyUsageList
, i, (PKIX_PL_Object **)&ekuOid, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0)
249 (PKIX_PL_Object **)&ekuOid, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(requiredExtKeyUsageList
, i, (PKIX_PL_Object **)&ekuOid, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0)
250 PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem(requiredExtKeyUsageList
, i, (PKIX_PL_Object **)&ekuOid, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0);
251
252 PKIX_CHECK(do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList
, (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED
; goto cleanup; } } while (0)
253 pkix_List_Contains(certExtKeyUsageList,do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList
, (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED
; goto cleanup; } } while (0)
254 (PKIX_PL_Object *)ekuOid,do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList
, (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED
; goto cleanup; } } while (0)
255 &isContained,do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList
, (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED
; goto cleanup; } } while (0)
256 plContext),do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList
, (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED
; goto cleanup; } } while (0)
257 PKIX_LISTCONTAINSFAILED)do { stdVars.aPkixErrorResult = (pkix_List_Contains(certExtKeyUsageList
, (PKIX_PL_Object *)ekuOid, &isContained, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCONTAINSFAILED
; goto cleanup; } } while (0);
258
259 PKIX_DECREF(ekuOid)do { if (ekuOid){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(ekuOid), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } ekuOid = ((void*)0
); } } while (0);
260 if (isContained != PKIX_TRUE((PKIX_Boolean) 1)) {
261 checkResult = PKIX_FALSE((PKIX_Boolean) 0);
262 goto cleanup;
263 }
264 }
265
266cleanup:
267 if (!pkixErrorResultstdVars.aPkixErrorResult && checkResult == PKIX_FALSE((PKIX_Boolean) 0)) {
268 pkixErrorReceivedstdVars.aPkixErrorReceived = PKIX_TRUE((PKIX_Boolean) 1);
269 pkixErrorCodestdVars.aPkixErrorCode = PKIX_EXTENDEDKEYUSAGECHECKINGFAILED;
270 }
271
272 PKIX_DECREF(ekuOid)do { if (ekuOid){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(ekuOid), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } ekuOid = ((void*)0
); } } while (0);
273 PKIX_DECREF(certExtKeyUsageList)do { if (certExtKeyUsageList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(certExtKeyUsageList), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } certExtKeyUsageList
= ((void*)0); } } while (0);
274 PKIX_DECREF(state)do { if (state){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(state), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } state = ((void*)0)
; } } while (0);
275
276 PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), (
(PKIX_Boolean) 1), plContext);;
277}
278
279/*
280 * FUNCTION: pkix_EkuChecker_Initialize
281 * (see comments in pkix_sample_modules.h)
282 */
283PKIX_Error *
284PKIX_EkuChecker_Create(
285 PKIX_ProcessingParams *params,
286 PKIX_CertChainChecker **pEkuChecker,
287 void *plContext)
288{
289 pkix_EkuChecker *state = NULL((void*)0);
1
'state' initialized to a null pointer value
290 PKIX_List *critExtOIDsList = NULL((void*)0);
291
292 PKIX_ENTER(EKUCHECKER, "PKIX_EkuChecker_Initialize")static const char cMyFuncName[] = {"PKIX_EkuChecker_Initialize"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_EKUCHECKER_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
2
Assuming 'pkixLoggersDebugTrace' is null
3
Taking false branch
4
Loop condition is false. Exiting loop
293 PKIX_NULLCHECK_ONE(params)do { if ((params) == ((void*)0)){ stdVars.aPkixErrorReceived =
((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT
; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean
) 1), plContext);; } } while (0);
5
Assuming 'params' is not equal to null
6
Taking false branch
7
Loop condition is false. Exiting loop
294
295 /*
296 * This function and functions in this file provide an example of how
297 * an application defined checker can be hooked into libpkix.
298 */
299
300 PKIX_CHECK(pkix_EkuChecker_Createdo { stdVars.aPkixErrorResult = (pkix_EkuChecker_Create (params
, &state, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_EKUCHECKERSTATECREATEFAILED; goto cleanup
; } } while (0)
8
Calling 'pkix_EkuChecker_Create'
27
Returning from 'pkix_EkuChecker_Create'
28
Assuming field 'aPkixErrorResult' is null
29
Taking false branch
30
Loop condition is false. Exiting loop
301 (params, &state, plContext),do { stdVars.aPkixErrorResult = (pkix_EkuChecker_Create (params
, &state, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_EKUCHECKERSTATECREATEFAILED; goto cleanup
; } } while (0)
302 PKIX_EKUCHECKERSTATECREATEFAILED)do { stdVars.aPkixErrorResult = (pkix_EkuChecker_Create (params
, &state, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_EKUCHECKERSTATECREATEFAILED; goto cleanup
; } } while (0);
303
304 PKIX_CHECK(PKIX_List_Create(&critExtOIDsList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&critExtOIDsList
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_LISTCREATEFAILED; goto cleanup; } } while (0)
31
Assuming field 'aPkixErrorResult' is null
32
Taking false branch
33
Loop condition is false. Exiting loop
305 PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&critExtOIDsList
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_LISTCREATEFAILED; goto cleanup; } } while (0);
306
307 PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList
, (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED
; goto cleanup; } } while (0)
34
Access to field 'ekuOID' results in a dereference of a null pointer (loaded from variable 'state')
308 (critExtOIDsList,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList
, (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED
; goto cleanup; } } while (0)
309 (PKIX_PL_Object *)state->ekuOID,do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList
, (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED
; goto cleanup; } } while (0)
310 plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList
, (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED
; goto cleanup; } } while (0)
311 PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (critExtOIDsList
, (PKIX_PL_Object *)state->ekuOID, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED
; goto cleanup; } } while (0);
312
313 PKIX_CHECK(PKIX_CertChainChecker_Createdo { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0)
314 (pkix_EkuChecker_Check,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0)
315 PKIX_TRUE, /* forwardCheckingSupported */do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0)
316 PKIX_FALSE, /* forwardDirectionExpected */do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0)
317 critExtOIDsList,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0)
318 (PKIX_PL_Object *) state,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0)
319 pEkuChecker,do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0)
320 plContext),do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0)
321 PKIX_CERTCHAINCHECKERCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertChainChecker_Create
(pkix_EkuChecker_Check, ((PKIX_Boolean) 1), ((PKIX_Boolean) 0
), critExtOIDsList, (PKIX_PL_Object *) state, pEkuChecker, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_CERTCHAINCHECKERCREATEFAILED; goto cleanup; } } while
(0);
322cleanup:
323
324 PKIX_DECREF(critExtOIDsList)do { if (critExtOIDsList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(critExtOIDsList), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } critExtOIDsList
= ((void*)0); } } while (0);
325 PKIX_DECREF(state)do { if (state){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(state), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } state = ((void*)0)
; } } while (0);
326
327 PKIX_RETURN(EKUCHECKER)return PKIX_DoReturn(&stdVars, (PKIX_EKUCHECKER_ERROR), (
(PKIX_Boolean) 1), plContext);;
328}