There's this thing called calloc(3) and all variants of free(3) in libcrypto are NULL safe.
PS: There's still many dozens of these to clean up. I don't intend to go through these systematically anytime soon, but rather than letting this one rot in my tree, I might as well ask for oks... Index: asn1/x_info.c =================================================================== RCS file: /var/cvs/src/lib/libcrypto/asn1/x_info.c,v retrieving revision 1.17 diff -u -p -r1.17 x_info.c --- asn1/x_info.c 29 Jan 2017 17:49:22 -0000 1.17 +++ asn1/x_info.c 14 Aug 2020 09:29:28 -0000 @@ -60,48 +60,35 @@ #include <openssl/asn1.h> #include <openssl/err.h> -#include <openssl/evp.h> #include <openssl/x509.h> X509_INFO * X509_INFO_new(void) { - X509_INFO *ret = NULL; + X509_INFO *ret; - ret = malloc(sizeof(X509_INFO)); - if (ret == NULL) { + if ((ret = calloc(1, sizeof(X509_INFO))) == NULL) { ASN1error(ERR_R_MALLOC_FAILURE); return (NULL); } - - ret->enc_cipher.cipher = NULL; - ret->enc_len = 0; - ret->enc_data = NULL; - ret->references = 1; - ret->x509 = NULL; - ret->crl = NULL; - ret->x_pkey = NULL; - return (ret); + + return ret; } void X509_INFO_free(X509_INFO *x) { - int i; - if (x == NULL) return; - i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO); - if (i > 0) + if (CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO) > 0) return; X509_free(x->x509); - if (x->crl != NULL) - X509_CRL_free(x->crl); - if (x->x_pkey != NULL) - X509_PKEY_free(x->x_pkey); + X509_CRL_free(x->crl); + X509_PKEY_free(x->x_pkey); free(x->enc_data); + free(x); }