Initialize root sooner in ssl/common.c

The following warnings were detected with Clang: /home/ascheel/GitHub/cipherboy/jss/org/mozilla/jss/ssl/common.c:999:8: warning: variable 'root' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized] if(ocspPolicy != OCSP_LEAF_AND_CHAIN_POLICY) { ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/ascheel/GitHub/cipherboy/jss/org/mozilla/jss/ssl/common.c:1083:8: note: uninitialized use occurs here if(root) { ^~~~ /home/ascheel/GitHub/cipherboy/jss/org/mozilla/jss/ssl/common.c:999:5: note: remove the 'if' if its condition is always false if(ocspPolicy != OCSP_LEAF_AND_CHAIN_POLICY) { ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/ascheel/GitHub/cipherboy/jss/org/mozilla/jss/ssl/common.c:995:8: warning: variable 'root' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized] if(cert == NULL) { ^~~~~~~~~~~~ /home/ascheel/GitHub/cipherboy/jss/org/mozilla/jss/ssl/common.c:1083:8: note: uninitialized use occurs here if(root) { ^~~~ /home/ascheel/GitHub/cipherboy/jss/org/mozilla/jss/ssl/common.c:995:5: note: remove the 'if' if its condition is always false if(cert == NULL) { ^~~~~~~~~~~~~~~~~~ /home/ascheel/GitHub/cipherboy/jss/org/mozilla/jss/ssl/common.c:1037:5: note: variable 'root' is declared here CERTCertificate *root = getRoot(cert,certUsage); ^ Signed-off-by: Alexander Scheel <[email protected]>
dogtagpki · Jun 3, 2019 · bc44061 · bc44061
1 parent 22db574
commit bc44061
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/org/mozilla/jss/ssl/common.c b/org/mozilla/jss/ssl/common.c
@@ -1004,11 +1004,14 @@ SECStatus JSSL_verifyCertPKIX(CERTCertificate *cert,
     SECCertUsage certUsage = certUsageSSLClient /* 0 */;
 
     SECStatus res =  SECFailure;
+
+    CERTCertificate *root = NULL;
+
     if(cert == NULL) {
         goto finish;
     }
 
-    if(ocspPolicy != OCSP_LEAF_AND_CHAIN_POLICY) {
+    if (ocspPolicy != OCSP_LEAF_AND_CHAIN_POLICY) {
         goto finish;
     }
 
@@ -1046,7 +1049,7 @@ SECStatus JSSL_verifyCertPKIX(CERTCertificate *cert,
     SECCertificateUsage testUsage = certificateUsage;
     while (0 != (testUsage = testUsage >> 1)) { certUsage++; }
 
-    CERTCertificate *root = getRoot(cert,certUsage);
+    root = getRoot(cert,certUsage);
 
     /* Try to add the root as the trust anchor so all the
        other memebers of the ca chain will get validated.