OpenCoverage

pcy_tree.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/x509v3/pcy_tree.c
Switch to Source codePreprocessed file
LineSourceCount
1-
2static int-
3tree_init(X509_POLICY_TREE **ptree, struct stack_st_X509 *certs, unsigned int flags)-
4{-
5 X509_POLICY_TREE *tree;-
6 X509_POLICY_LEVEL *level;-
7 const X509_POLICY_CACHE *cache;-
8 X509_POLICY_DATA *data = -
9 ((void *)0)-
10 ;-
11 X509 *x;-
12 int ret = 1;-
13 int i, n;-
14 int explicit_policy;-
15 int any_skip;-
16 int map_skip;-
17-
18 *ptree = -
19 ((void *)0)-
20 ;-
21 n = sk_num(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)));-
22-
23 if (flags & 0x100
flags & 0x100Description
TRUEnever evaluated
FALSEnever evaluated
)		0
24 explicit_policy = 0;
never executed: explicit_policy = 0;
0
25 else-
26 explicit_policy = n + 1;
never executed: explicit_policy = n + 1;
0
27-
28 if (flags & 0x200
flags & 0x200Description
TRUEnever evaluated
FALSEnever evaluated
)		0
29 any_skip = 0;
never executed: any_skip = 0;
0
30 else-
31 any_skip = n + 1;
never executed: any_skip = n + 1;
0
32-
33 if (flags & 0x400
flags & 0x400Description
TRUEnever evaluated
FALSEnever evaluated
)		0
34 map_skip = 0;
never executed: map_skip = 0;
0
35 else-
36 map_skip = n + 1;
never executed: map_skip = n + 1;
0
37-
38-
39 if (n == 1
n == 1Description
TRUEnever evaluated
FALSEnever evaluated
)		0
40 return
never executed: return 1;
 1;
never executed: return 1;
0
41-
42-
43-
44-
45 for (i = n - 2; i >= 0
i >= 0Description
TRUEnever evaluated
FALSEnever evaluated
; i--) {		0
46 x = ((X509 *)sk_value(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)), (i)));-
47 X509_check_purpose(x, -1, -1);-
48 cache = policy_cache_set(x);-
49-
50 if (cache ==
cache == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
51 ((void *)0)
cache == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
52 )-
53 return
never executed: return 0;
 0;
never executed: return 0;
0
54-
55 if (x->ex_flags & 0x0800
x->ex_flags & 0x0800Description
TRUEnever evaluated
FALSEnever evaluated
)		0
56 ret = -1;
never executed: ret = -1;
0
57-
58-
59-
60 else if ((
(ret == 1)Description
TRUEnever evaluated
FALSEnever evaluated
ret == 1)
(ret == 1)Description
TRUEnever evaluated
FALSEnever evaluated
 && !cache->data
!cache->dataDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
61 ret = 2;
never executed: ret = 2;
0
62 if (explicit_policy > 0
explicit_policy > 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
63 if (!(x->ex_flags & 0x0020)
!(x->ex_flags & 0x0020)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
64 explicit_policy--;
never executed: explicit_policy--;
0
65 if ((
(cache->explicit_skip != -1)Description
TRUEnever evaluated
FALSEnever evaluated
cache->explicit_skip != -1)
(cache->explicit_skip != -1)Description
TRUEnever evaluated
FALSEnever evaluated
 &&		0
66 (
(cache->explic...plicit_policy)Description
TRUEnever evaluated
FALSEnever evaluated
cache->explicit_skip < explicit_policy)
(cache->explic...plicit_policy)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
67 explicit_policy = cache->explicit_skip;
never executed: explicit_policy = cache->explicit_skip;
0
68 }
never executed: end of block
0
69 }
never executed: end of block
0
70-
71 if (ret != 1
ret != 1Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
72 if (ret == 2
ret == 2Description
TRUEnever evaluated
FALSEnever evaluated
 && !explicit_policy
!explicit_policyDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
73 return
never executed: return 6;
 6;
never executed: return 6;
0
74 return
never executed: return ret;
 ret;
never executed: return ret;
0
75 }-
76-
77-
78-
79-
80 tree = malloc(sizeof(X509_POLICY_TREE));-
81-
82 if (!tree
!treeDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
83 return
never executed: return 0;
 0;
never executed: return 0;
0
84-
85 tree->flags = 0;-
86 tree->levels = calloc(n, sizeof(X509_POLICY_LEVEL));-
87 tree->nlevel = 0;-
88 tree->extra_data = -
89 ((void *)0)-
90 ;-
91 tree->auth_policies = -
92 ((void *)0)-
93 ;-
94 tree->user_policies = -
95 ((void *)0)-
96 ;-
97-
98 if (!tree->levels
!tree->levelsDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
99 free(tree);-
100 return
never executed: return 0;
 0;
never executed: return 0;
0
101 }-
102-
103 tree->nlevel = n;-
104-
105 level = tree->levels;-
106-
107-
108-
109 data = policy_data_new(-
110 ((void *)0)-
111 , OBJ_nid2obj(746), 0);-
112-
113 if (!data
!dataDescription
TRUEnever evaluated
FALSEnever evaluated
 || !level_add_node(level, data,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
114 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
115 , tree,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
116 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
117 )
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
)		0
118 goto
never executed: goto bad_tree;
 bad_tree;
never executed: goto bad_tree;
0
119-
120 for (i = n - 2; i >= 0
i >= 0Description
TRUEnever evaluated
FALSEnever evaluated
; i--) {		0
121 level++;-
122 x = ((X509 *)sk_value(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)), (i)));-
123 cache = policy_cache_set(x);-
124 CRYPTO_add_lock(&x->references,1,3,__FILE__,245);-
125 level->cert = x;-
126-
127 if (!cache->anyPolicy
!cache->anyPolicyDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
128 level->flags |= 0x200;
never executed: level->flags |= 0x200;
0
129-
130-
131 if (any_skip == 0
any_skip == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
132-
133-
134-
135 if (!(x->ex_flags & 0x0020)
!(x->ex_flags & 0x0020)Description
TRUEnever evaluated
FALSEnever evaluated
 || (
(i == 0)Description
TRUEnever evaluated
FALSEnever evaluated
i == 0)
(i == 0)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
136 level->flags |= 0x200;
never executed: level->flags |= 0x200;
0
137 }
never executed: end of block
 else {		0
138 if (!(x->ex_flags & 0x0020)
!(x->ex_flags & 0x0020)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
139 any_skip--;
never executed: any_skip--;
0
140 if ((
(cache->any_skip >= 0)Description
TRUEnever evaluated
FALSEnever evaluated
cache->any_skip >= 0)
(cache->any_skip >= 0)Description
TRUEnever evaluated
FALSEnever evaluated
 &&		0
141 (
(cache->any_skip < any_skip)Description
TRUEnever evaluated
FALSEnever evaluated
cache->any_skip < any_skip)
(cache->any_skip < any_skip)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
142 any_skip = cache->any_skip;
never executed: any_skip = cache->any_skip;
0
143 }
never executed: end of block
0
144-
145 if (map_skip == 0
map_skip == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
146 level->flags |= 0x400;
never executed: level->flags |= 0x400;
0
147 else {-
148 if (!(x->ex_flags & 0x0020)
!(x->ex_flags & 0x0020)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
149 map_skip--;
never executed: map_skip--;
0
150 if ((
(cache->map_skip >= 0)Description
TRUEnever evaluated
FALSEnever evaluated
cache->map_skip >= 0)
(cache->map_skip >= 0)Description
TRUEnever evaluated
FALSEnever evaluated
 &&		0
151 (
(cache->map_skip < map_skip)Description
TRUEnever evaluated
FALSEnever evaluated
cache->map_skip < map_skip)
(cache->map_skip < map_skip)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
152 map_skip = cache->map_skip;
never executed: map_skip = cache->map_skip;
0
153 }
never executed: end of block
0
154-
155 }-
156-
157 *ptree = tree;-
158-
159 if (explicit_policy
explicit_policyDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
160 return
never executed: return 1;
 1;
never executed: return 1;
0
161 else-
162 return
never executed: return 5;
 5;
never executed: return 5;
0
163-
164bad_tree:-
165 X509_policy_tree_free(tree);-
166-
167 return
never executed: return 0;
 0;
never executed: return 0;
0
168}-
169-
170static int-
171tree_link_matching_nodes(X509_POLICY_LEVEL *curr, const X509_POLICY_DATA *data)-
172{-
173 X509_POLICY_LEVEL *last = curr - 1;-
174 X509_POLICY_NODE *node;-
175 int i, matched = 0;-
176-
177-
178 for (i = 0; i < sk_num(((_STACK*) (1 ? (last->nodes) : (struct stack_st_X509_POLICY_NODE*)0)))
i < sk_num(((_...ICY_NODE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
179 node = ((X509_POLICY_NODE *)sk_value(((_STACK*) (1 ? (last->nodes) : (struct stack_st_X509_POLICY_NODE*)0)), (i)));-
180 if (policy_node_match(last, node, data->valid_policy)
policy_node_ma...>valid_policy)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
181 if (!level_add_node(curr, data, node,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
182 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
183 ,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
184 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
185 )
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
)		0
186 return
never executed: return 0;
 0;
never executed: return 0;
0
187 matched = 1;-
188 }
never executed: end of block
0
189 }
never executed: end of block
0
190 if (!matched
!matchedDescription
TRUEnever evaluated
FALSEnever evaluated
 && last->anyPolicy
last->anyPolicyDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
191 if (!level_add_node(curr, data, last->anyPolicy,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
192 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
193 ,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
194 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
195 )
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
)		0
196 return
never executed: return 0;
 0;
never executed: return 0;
0
197 }
never executed: end of block
0
198 return
never executed: return 1;
 1;
never executed: return 1;
0
199}-
200-
201-
202-
203-
204-
205-
206static int-
207tree_link_nodes(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache)-
208{-
209 int i;-
210 X509_POLICY_DATA *data;-
211-
212 for (i = 0; i < sk_num(((_STACK*) (1 ? (cache->data) : (struct stack_st_X509_POLICY_DATA*)0)))
i < sk_num(((_...ICY_DATA*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
213 data = ((X509_POLICY_DATA *)sk_value(((_STACK*) (1 ? (cache->data) : (struct stack_st_X509_POLICY_DATA*)0)), (i)));-
214-
215 if (!tree_link_matching_nodes(curr, data)
!tree_link_mat...es(curr, data)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
216 return
never executed: return 0;
 0;
never executed: return 0;
0
217 }
never executed: end of block
0
218 return
never executed: return 1;
 1;
never executed: return 1;
0
219}-
220-
221-
222-
223-
224-
225-
226static int-
227tree_add_unmatched(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache,-
228 const ASN1_OBJECT *id, X509_POLICY_NODE *node, X509_POLICY_TREE *tree)-
229{-
230 X509_POLICY_DATA *data;-
231-
232 if (id ==
id == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
233 ((void *)0)
id == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
234 )-
235 id = node->data->valid_policy;
never executed: id = node->data->valid_policy;
0
236-
237-
238-
239 data = policy_data_new(-
240 ((void *)0)-
241 , id, (node->data->flags & 0x10));-
242-
243 if (data ==
data == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
244 ((void *)0)
data == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
245 )-
246 return
never executed: return 0;
 0;
never executed: return 0;
0
247-
248 data->qualifier_set = cache->anyPolicy->qualifier_set;-
249 data->flags |= 0x4;-
250 if (!level_add_node(curr, data, node, tree,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
251 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
252 )
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
253 policy_data_free(data);-
254 return
never executed: return 0;
 0;
never executed: return 0;
0
255 }-
256-
257 return
never executed: return 1;
 1;
never executed: return 1;
0
258}-
259-
260static int-
261tree_link_unmatched(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache,-
262 X509_POLICY_NODE *node, X509_POLICY_TREE *tree)-
263{-
264 const X509_POLICY_LEVEL *last = curr - 1;-
265 int i;-
266-
267 if ((
(last->flags & 0x400)Description
TRUEnever evaluated
FALSEnever evaluated
last->flags & 0x400)
(last->flags & 0x400)Description
TRUEnever evaluated
FALSEnever evaluated
 ||		0
268 !(node->data->flags & 0x1)
!(node->data->flags & 0x1)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
269-
270 if (node->nchild
node->nchildDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
271 return
never executed: return 1;
 1;
never executed: return 1;
0
272 if (!tree_add_unmatched(curr, cache,
!tree_add_unma... , node, tree)Description
TRUEnever evaluated
FALSEnever evaluated
0
273 ((void *)0)
!tree_add_unma... , node, tree)Description
TRUEnever evaluated
FALSEnever evaluated
0
274 , node, tree)
!tree_add_unma... , node, tree)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
275 return
never executed: return 0;
 0;
never executed: return 0;
0
276-
277 }
never executed: end of block
 else {		0
278-
279 struct stack_st_ASN1_OBJECT *expset = node->data->expected_policy_set;-
280 if (node->nchild == sk_num(((_STACK*) (1 ? (expset) : (struct stack_st_ASN1_OBJECT*)0)))
node->nchild =...1_OBJECT*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
281 return
never executed: return 1;
 1;
never executed: return 1;
0
282-
283 for (i = 0; i < sk_num(((_STACK*) (1 ? (expset) : (struct stack_st_ASN1_OBJECT*)0)))
i < sk_num(((_...1_OBJECT*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
284 ASN1_OBJECT *oid = ((ASN1_OBJECT *)sk_value(((_STACK*) (1 ? (expset) : (struct stack_st_ASN1_OBJECT*)0)), (i)));-
285 if (level_find_node(curr, node, oid)
level_find_nod...rr, node, oid)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
286 continue;
never executed: continue;
0
287 if (!tree_add_unmatched(curr, cache, oid, node, tree)
!tree_add_unma...d, node, tree)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
288 return
never executed: return 0;
 0;
never executed: return 0;
0
289 }
never executed: end of block
0
290 }
never executed: end of block
0
291-
292 return
never executed: return 1;
 1;
never executed: return 1;
0
293}-
294-
295static int-
296tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache,-
297 X509_POLICY_TREE *tree)-
298{-
299 int i;-
300 X509_POLICY_NODE *node;-
301 X509_POLICY_LEVEL *last = curr - 1;-
302-
303 for (i = 0; i < sk_num(((_STACK*) (1 ? (last->nodes) : (struct stack_st_X509_POLICY_NODE*)0)))
i < sk_num(((_...ICY_NODE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
304 node = ((X509_POLICY_NODE *)sk_value(((_STACK*) (1 ? (last->nodes) : (struct stack_st_X509_POLICY_NODE*)0)), (i)));-
305-
306 if (!tree_link_unmatched(curr, cache, node, tree)
!tree_link_unm...e, node, tree)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
307 return
never executed: return 0;
 0;
never executed: return 0;
0
308 }
never executed: end of block
0
309-
310 if (last->anyPolicy
last->anyPolicyDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
311 if (!level_add_node(curr, cache->anyPolicy,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
312 last->anyPolicy,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
313 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
314 ,
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
315 ((void *)0)
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
316 )
!level_add_nod... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
)		0
317 return
never executed: return 0;
 0;
never executed: return 0;
0
318 }
never executed: end of block
0
319 return
never executed: return 1;
 1;
never executed: return 1;
0
320}-
321-
322-
323-
324-
325-
326-
327static int-
328tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr)-
329{-
330 struct stack_st_X509_POLICY_NODE *nodes;-
331 X509_POLICY_NODE *node;-
332 int i;-
333-
334 nodes = curr->nodes;-
335 if (curr->flags & 0x400
curr->flags & 0x400Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
336 for (i = sk_num(((_STACK*) (1 ? (nodes) : (struct stack_st_X509_POLICY_NODE*)0))) - 1; i >= 0
i >= 0Description
TRUEnever evaluated
FALSEnever evaluated
; i--) {		0
337 node = ((X509_POLICY_NODE *)sk_value(((_STACK*) (1 ? (nodes) : (struct stack_st_X509_POLICY_NODE*)0)), (i)));-
338-
339 if (node->data->flags & 0x3
node->data->flags & 0x3Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
340 node->parent->nchild--;-
341 free(node);-
342 (void)(X509_POLICY_NODE *)sk_delete(((_STACK*) (1 ? (nodes) : (struct stack_st_X509_POLICY_NODE*)0)), (i));-
343 }
never executed: end of block
0
344 }
never executed: end of block
0
345 }
never executed: end of block
0
346-
347 for (;;) {-
348 --curr;-
349 nodes = curr->nodes;-
350 for (i = sk_num(((_STACK*) (1 ? (nodes) : (struct stack_st_X509_POLICY_NODE*)0))) - 1; i >= 0
i >= 0Description
TRUEnever evaluated
FALSEnever evaluated
; i--) {		0
351 node = ((X509_POLICY_NODE *)sk_value(((_STACK*) (1 ? (nodes) : (struct stack_st_X509_POLICY_NODE*)0)), (i)));-
352 if (node->nchild == 0
node->nchild == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
353 node->parent->nchild--;-
354 free(node);-
355 (void)(X509_POLICY_NODE *)sk_delete(((_STACK*) (1 ? (nodes) : (struct stack_st_X509_POLICY_NODE*)0)), (i));-
356 }
never executed: end of block
0
357 }
never executed: end of block
0
358 if (curr->anyPolicy
curr->anyPolicyDescription
TRUEnever evaluated
FALSEnever evaluated
 && !curr->anyPolicy->nchild
!curr->anyPolicy->nchildDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
359 if (curr->anyPolicy->parent
curr->anyPolicy->parentDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
360 curr->anyPolicy->parent->nchild--;
never executed: curr->anyPolicy->parent->nchild--;
0
361 free(curr->anyPolicy);-
362 curr->anyPolicy = -
363 ((void *)0)-
364 ;-
365 }
never executed: end of block
0
366 if (curr == tree->levels
curr == tree->levelsDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
367-
368 if (!curr->anyPolicy
!curr->anyPolicyDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
369 return
never executed: return 2;
 2;
never executed: return 2;
0
370 return
never executed: return 1;
 1;
never executed: return 1;
0
371 }-
372 }
never executed: end of block
0
373-
374 return
never executed: return 1;
 1;
never executed: return 1;
0
375}-
376-
377static int-
378tree_add_auth_node(struct stack_st_X509_POLICY_NODE **pnodes, X509_POLICY_NODE *pcy)-
379{-
380 if (!*pnodes
!*pnodesDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
381 *pnodes = policy_node_cmp_new();-
382 if (!*pnodes
!*pnodesDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
383 return
never executed: return 0;
 0;
never executed: return 0;
0
384 }
never executed: end of block
 else if (sk_find(((_STACK*) (1 ? (*pnodes) : (struct stack_st_X509_POLICY_NODE*)0)), ((void*) (1 ? (pcy) : (X509_POLICY_NODE*)0))) != -1
sk_find(((_STA...DE*)0))) != -1Description
TRUEnever evaluated
FALSEnever evaluated
)		0
385 return
never executed: return 1;
 1;
never executed: return 1;
0
386-
387 if (!sk_push(((_STACK*) (1 ? (*pnodes) : (struct stack_st_X509_POLICY_NODE*)0)), ((void*) (1 ? (pcy) : (X509_POLICY_NODE*)0)))
!sk_push(((_ST...ICY_NODE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
388 return
never executed: return 0;
 0;
never executed: return 0;
0
389-
390 return
never executed: return 1;
 1;
never executed: return 1;
0
391}-
392static int-
393tree_calculate_authority_set(X509_POLICY_TREE *tree,-
394 struct stack_st_X509_POLICY_NODE **pnodes)-
395{-
396 X509_POLICY_LEVEL *curr;-
397 X509_POLICY_NODE *node, *anyptr;-
398 struct stack_st_X509_POLICY_NODE **addnodes;-
399 int i, j;-
400-
401 curr = tree->levels + tree->nlevel - 1;-
402-
403-
404 if (curr->anyPolicy
curr->anyPolicyDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
405 if (!tree_add_auth_node(&tree->auth_policies, curr->anyPolicy)
!tree_add_auth...rr->anyPolicy)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
406 return
never executed: return 0;
 0;
never executed: return 0;
0
407 addnodes = pnodes;-
408 }
never executed: end of block
 else		0
409-
410 addnodes = &tree->auth_policies;
never executed: addnodes = &tree->auth_policies;
0
411-
412 curr = tree->levels;-
413 for (i = 1; i < tree->nlevel
i < tree->nlevelDescription
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
414-
415-
416-
417 if (!(anyptr = curr->anyPolicy)
!(anyptr = curr->anyPolicy)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
418 break;
never executed: break;
0
419 curr++;-
420 for (j = 0; j < sk_num(((_STACK*) (1 ? (curr->nodes) : (struct stack_st_X509_POLICY_NODE*)0)))
j < sk_num(((_...ICY_NODE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; j++) {		0
421 node = ((X509_POLICY_NODE *)sk_value(((_STACK*) (1 ? (curr->nodes) : (struct stack_st_X509_POLICY_NODE*)0)), (j)));-
422 if ((
(node->parent == anyptr)Description
TRUEnever evaluated
FALSEnever evaluated
node->parent == anyptr)
(node->parent == anyptr)Description
TRUEnever evaluated
FALSEnever evaluated
 &&		0
423 !tree_add_auth_node(addnodes, node)
!tree_add_auth...ddnodes, node)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
424 return
never executed: return 0;
 0;
never executed: return 0;
0
425 }
never executed: end of block
0
426 }
never executed: end of block
0
427-
428 if (addnodes == pnodes
addnodes == pnodesDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
429 return
never executed: return 2;
 2;
never executed: return 2;
0
430-
431 *pnodes = tree->auth_policies;-
432-
433 return
never executed: return 1;
 1;
never executed: return 1;
0
434}-
435-
436static int-
437tree_calculate_user_set(X509_POLICY_TREE *tree,-
438 struct stack_st_ASN1_OBJECT *policy_oids, struct stack_st_X509_POLICY_NODE *auth_nodes)-
439{-
440 int i;-
441 X509_POLICY_NODE *node;-
442 ASN1_OBJECT *oid;-
443 X509_POLICY_NODE *anyPolicy;-
444 X509_POLICY_DATA *extra;-
445-
446-
447-
448-
449-
450 if (sk_num(((_STACK*) (1 ? (policy_oids) : (struct stack_st_ASN1_OBJECT*)0))) <= 0
sk_num(((_STAC...ECT*)0))) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
451 return
never executed: return 1;
 1;
never executed: return 1;
0
452-
453 anyPolicy = tree->levels[tree->nlevel - 1].anyPolicy;-
454-
455 for (i = 0; i < sk_num(((_STACK*) (1 ? (policy_oids) : (struct stack_st_ASN1_OBJECT*)0)))
i < sk_num(((_...1_OBJECT*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
456 oid = ((ASN1_OBJECT *)sk_value(((_STACK*) (1 ? (policy_oids) : (struct stack_st_ASN1_OBJECT*)0)), (i)));-
457 if (OBJ_obj2nid(oid) == 746
OBJ_obj2nid(oid) == 746Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
458 tree->flags |= 0x2;-
459 return
never executed: return 1;
 1;
never executed: return 1;
0
460 }-
461 }
never executed: end of block
0
462-
463 for (i = 0; i < sk_num(((_STACK*) (1 ? (policy_oids) : (struct stack_st_ASN1_OBJECT*)0)))
i < sk_num(((_...1_OBJECT*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
464 oid = ((ASN1_OBJECT *)sk_value(((_STACK*) (1 ? (policy_oids) : (struct stack_st_ASN1_OBJECT*)0)), (i)));-
465 node = tree_find_sk(auth_nodes, oid);-
466 if (!node
!nodeDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
467 if (!anyPolicy
!anyPolicyDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
468 continue;
never executed: continue;
0
469-
470-
471-
472 extra = policy_data_new(-
473 ((void *)0)-
474 , oid,-
475 (anyPolicy->data->flags & 0x10));-
476 if (!extra
!extraDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
477 return
never executed: return 0;
 0;
never executed: return 0;
0
478 extra->qualifier_set = anyPolicy->data->qualifier_set;-
479 extra->flags = 0x4 |-
480 0x8;-
481 (void) level_add_node(-
482 ((void *)0)-
483 , extra, anyPolicy->parent,-
484 tree, &node);-
485 }
never executed: end of block
0
486 if (!tree->user_policies
!tree->user_policiesDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
487 tree->user_policies = ((struct stack_st_X509_POLICY_NODE *)sk_new_null());-
488 if (!tree->user_policies
!tree->user_policiesDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
489 return
never executed: return 1;
 1;
never executed: return 1;
0
490 }
never executed: end of block
0
491 if (!sk_push(((_STACK*) (1 ? (tree->user_policies) : (struct stack_st_X509_POLICY_NODE*)0)), ((void*) (1 ? (node) : (X509_POLICY_NODE*)0)))
!sk_push(((_ST...ICY_NODE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
492 return
never executed: return 0;
 0;
never executed: return 0;
0
493 }
never executed: end of block
0
494 return
never executed: return 1;
 1;
never executed: return 1;
0
495}-
496-
497static int-
498tree_evaluate(X509_POLICY_TREE *tree)-
499{-
500 int ret, i;-
501 X509_POLICY_LEVEL *curr = tree->levels + 1;-
502 const X509_POLICY_CACHE *cache;-
503-
504 for (i = 1; i < tree->nlevel
i < tree->nlevelDescription
TRUEnever evaluated
FALSEnever evaluated
; i++, curr++) {		0
505 cache = policy_cache_set(curr->cert);-
506 if (!tree_link_nodes(curr, cache)
!tree_link_nodes(curr, cache)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
507 return
never executed: return 0;
 0;
never executed: return 0;
0
508-
509 if (!(curr->flags & 0x200)
!(curr->flags & 0x200)Description
TRUEnever evaluated
FALSEnever evaluated
 &&		0
510 !tree_link_any(curr, cache, tree)
!tree_link_any..., cache, tree)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
511 return
never executed: return 0;
 0;
never executed: return 0;
0
512 ;-
513 ret = tree_prune(tree, curr);-
514 if (ret != 1
ret != 1Description
TRUEnever evaluated
FALSEnever evaluated
)		0
515 return
never executed: return ret;
 ret;
never executed: return ret;
0
516 }
never executed: end of block
0
517-
518 return
never executed: return 1;
 1;
never executed: return 1;
0
519}-
520-
521static void-
522exnode_free(X509_POLICY_NODE *node)-
523{-
524 if (node->data
node->dataDescription
TRUEnever evaluated
FALSEnever evaluated
 && (
(node->data->flags & 0x8)Description
TRUEnever evaluated
FALSEnever evaluated
node->data->flags & 0x8)
(node->data->flags & 0x8)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
525 free(node);
never executed: free(node);
0
526}
never executed: end of block
0
527-
528void-
529X509_policy_tree_free(X509_POLICY_TREE *tree)-
530{-
531 X509_POLICY_LEVEL *curr;-
532 int i;-
533-
534 if (!tree
!treeDescription
TRUEevaluated 1 time by 1 test
Evaluated by:
  • freenull
FALSEnever evaluated
)		0-1
535 return;
executed 1 time by 1 test: return;
Executed by:
  • freenull
1
536-
537 sk_free(((_STACK*) (1 ? (tree->auth_policies) : (struct stack_st_X509_POLICY_NODE*)0)));-
538 sk_pop_free(((_STACK*) (1 ? (tree->user_policies) : (struct stack_st_X509_POLICY_NODE*)0)), ((void (*)(void *)) ((1 ? (exnode_free) : (void (*)(X509_POLICY_NODE *))0))));-
539-
540 for (i = 0, curr = tree->levels; i < tree->nlevel
i < tree->nlevelDescription
TRUEnever evaluated
FALSEnever evaluated
; i++, curr++) {		0
541 X509_free(curr->cert);-
542 if (curr->nodes
curr->nodesDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
543 sk_pop_free(((_STACK*) (1 ? (curr->nodes) : (struct stack_st_X509_POLICY_NODE*)0)), ((void (*)(void *)) ((1 ? (policy_node_free) : (void (*)(X509_POLICY_NODE *))0))))
never executed: sk_pop_free(((_STACK*) (1 ? (curr->nodes) : (struct stack_st_X509_POLICY_NODE*)0)), ((void (*)(void *)) ((1 ? (policy_node_free) : (void (*)(X509_POLICY_NODE *))0)))) ;
0
544 ;
never executed: sk_pop_free(((_STACK*) (1 ? (curr->nodes) : (struct stack_st_X509_POLICY_NODE*)0)), ((void (*)(void *)) ((1 ? (policy_node_free) : (void (*)(X509_POLICY_NODE *))0)))) ;
0
545 if (curr->anyPolicy
curr->anyPolicyDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
546 policy_node_free(curr->anyPolicy);
never executed: policy_node_free(curr->anyPolicy);
0
547 }
never executed: end of block
0
548-
549 if (tree->extra_data
tree->extra_dataDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
550 sk_pop_free(((_STACK*) (1 ? (tree->extra_data) : (struct stack_st_X509_POLICY_DATA*)0)), ((void (*)(void *)) ((1 ? (policy_data_free) : (void (*)(X509_POLICY_DATA *))0))))
never executed: sk_pop_free(((_STACK*) (1 ? (tree->extra_data) : (struct stack_st_X509_POLICY_DATA*)0)), ((void (*)(void *)) ((1 ? (policy_data_free) : (void (*)(X509_POLICY_DATA *))0)))) ;
0
551 ;
never executed: sk_pop_free(((_STACK*) (1 ? (tree->extra_data) : (struct stack_st_X509_POLICY_DATA*)0)), ((void (*)(void *)) ((1 ? (policy_data_free) : (void (*)(X509_POLICY_DATA *))0)))) ;
0
552-
553 free(tree->levels);-
554 free(tree);-
555}
never executed: end of block
0
556int-
557X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,-
558 struct stack_st_X509 *certs, struct stack_st_ASN1_OBJECT *policy_oids,-
559 unsigned int flags)-
560{-
561 int ret, ret2;-
562 X509_POLICY_TREE *tree = -
563 ((void *)0)-
564 ;-
565 struct stack_st_X509_POLICY_NODE *nodes, *auth_nodes = -
566 ((void *)0)-
567 ;-
568-
569 *ptree = -
570 ((void *)0)-
571 ;-
572 *pexplicit_policy = 0;-
573 ret = tree_init(&tree, certs, flags);-
574-
575 switch (ret) {-
576-
577-
578 case
never executed: case 2:
 2:
never executed: case 2:
0
579 return
never executed: return 1;
 1;
never executed: return 1;
0
580-
581-
582 case
never executed: case -1:
 -1:
never executed: case -1:
0
583 return
never executed: return -1;
 -1;
never executed: return -1;
0
584-
585-
586 case
never executed: case 0:
 0:
never executed: case 0:
0
587 return
never executed: return 0;
 0;
never executed: return 0;
0
588-
589-
590-
591 case
never executed: case 6:
 6:
never executed: case 6:
0
592 *pexplicit_policy = 1;-
593 return
never executed: return -2;
 -2;
never executed: return -2;
0
594-
595-
596 case
never executed: case 5:
 5:
never executed: case 5:
0
597 *pexplicit_policy = 1;-
598 break;
never executed: break;
0
599-
600-
601-
602 case
never executed: case 1:
 1:
never executed: case 1:
0
603 if (!tree
!treeDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
604 return
never executed: return 1;
 1;
never executed: return 1;
0
605 break;
never executed: break;
0
606 }-
607-
608 if (!tree
!treeDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
609 goto
never executed: goto error;
 error;
never executed: goto error;
0
610 ret = tree_evaluate(tree);-
611-
612 ;-
613-
614 if (ret <= 0
ret <= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
615 goto
never executed: goto error;
 error;
never executed: goto error;
0
616-
617-
618 if (ret == 2
ret == 2Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
619 X509_policy_tree_free(tree);-
620 if (*
*pexplicit_policyDescription
TRUEnever evaluated
FALSEnever evaluated
pexplicit_policy
*pexplicit_policyDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
621 return
never executed: return -2;
 -2;
never executed: return -2;
0
622 else-
623 return
never executed: return 1;
 1;
never executed: return 1;
0
624 }-
625-
626-
627-
628 ret = tree_calculate_authority_set(tree, &auth_nodes);-
629 if (ret == 0
ret == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
630 goto
never executed: goto error;
 error;
never executed: goto error;
0
631-
632 ret2 = tree_calculate_user_set(tree, policy_oids, auth_nodes);-
633-
634-
635 if (ret == 2
ret == 2Description
TRUEnever evaluated
FALSEnever evaluated
)		0
636 sk_free(((_STACK*) (1 ? (auth_nodes) : (struct stack_st_X509_POLICY_NODE*)0)));
never executed: sk_free(((_STACK*) (1 ? (auth_nodes) : (struct stack_st_X509_POLICY_NODE*)0)));
0
637-
638 if (ret2 == 0
ret2 == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
639 goto
never executed: goto error;
 error;
never executed: goto error;
0
640-
641 if (tree
treeDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
642 *
never executed: *ptree = tree;
ptree = tree;
never executed: *ptree = tree;
0
643-
644 if (*
*pexplicit_policyDescription
TRUEnever evaluated
FALSEnever evaluated
pexplicit_policy
*pexplicit_policyDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
645 nodes = X509_policy_tree_get0_user_policies(tree);-
646 if (sk_num(((_STACK*) (1 ? (nodes) : (struct stack_st_X509_POLICY_NODE*)0))) <= 0
sk_num(((_STAC...ODE*)0))) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
647 return
never executed: return -2;
 -2;
never executed: return -2;
0
648 }
never executed: end of block
0
649-
650 return
never executed: return 1;
 1;
never executed: return 1;
0
651-
652error:-
653 X509_policy_tree_free(tree);-
654-
655 return
never executed: return 0;
 0;
never executed: return 0;
0
656}-
Switch to Source codePreprocessed file
Generated by Squish Coco 4.2.2