From c5327866a4800c580d72bf1724b84a89e9fcf035 Mon Sep 17 00:00:00 2001
From: Hideki Miyazaki
Date: Fri, 12 Mar 2021 08:35:39 +0900
Subject: [PATCH] addressed review comments part 3
---
 src/internal.c | 1 +
 src/ssl.c | 16 ++++++++--------
 wolfssl/internal.h | 15 +++++++++++++++
 wolfssl/ssl.h | 20 ++++----------------
 4 files changed, 28 insertions(+), 24 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 74e0dd2f2..adf29955a 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -10735,6 +10735,7 @@ int LoadCrlCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
 if (type == X509_LU_CRL) {
 if (wc_LockMutex(&lookup->dirs->lock) != 0) {
 WOLFSSL_MSG("wc_LockMutex cdir Lock error");
+ XFREE(filename, NULL, DYNAMIC_TYPE_OPENSSL);
 return BAD_MUTEX_E;
 }
 if (ph == NULL) {
diff --git a/src/ssl.c b/src/ssl.c
index 0b73fe825..b08fe0967 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -24836,13 +24836,12 @@ WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void)
 /* @param argl file type, either WOLFSSL_FILETYPE_PEM or */
 /* WOLFSSL_FILETYPE_ASN1 */
 /* @return WOLFSSL_SUCCESS on successful, othewise negative or zero */
-static int x509AddCertDir(void *p, const char *argc, long argl)
+static int x509AddCertDir(WOLFSSL_BY_DIR *ctx, const char *argc, long argl)
 {
 WOLFSSL_ENTER("x509AddCertDir");
 (void)argl;
 #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
- WOLFSSL_BY_DIR *ctx = (WOLFSSL_BY_DIR*)p;
 WOLFSSL_BY_DIR_entry *entry;
 size_t pathLen;
 int i, num;
@@ -24855,8 +24854,9 @@ static int x509AddCertDir(void *p, const char *argc, long argl)
 pathLen = 0;
 c = argc;
- /* zero length */
- if (c == NULL || *c == '\0') return WOLFSSL_FAILURE;
+ /* sanity check, zero length */
+ if (ctx == NULL || c == NULL || *c == '\0')
+ return WOLFSSL_FAILURE;
 #ifdef WOLFSSL_SMALL_STACK
 buf = (char*)XMALLOC(MAX_FILENAME_SZ, NULL, DYNAMIC_TYPE_OPENSSL);
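Review bot: In src/internal.c the added `XFREE(filename, NULL, DYNAMIC_TYPE_OPENSSL);` releases `filename` on the `wc_LockMutex` failure return only; whether the other early returns taken after `filename` is allocated also release it cannot be checked here, because LoadCrlCertByIssuer starts and ends outside this hunk. Each of those exits should be compared against the allocation, and the heap hint and `DYNAMIC_TYPE_OPENSSL` used here should match the corresponding XMALLOC. A comment at the allocation such as `/* filename is owned by this function; free it on every exit path */` would help keep later error paths from reintroducing the leak.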
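Review bot: In x509AddCertDir (src/ssl.c, first hunk) `WOLFSSL_ENTER("x509AddCertDir");` and `(void)argl;` still precede the declarations `WOLFSSL_BY_DIR_entry *entry;`, `size_t pathLen;` and `int i, num;` inside the `#if` branch, so the function declares variables after statements, which C89 compilers and `-Wdeclaration-after-statement` builds reject. Dropping the `ctx` local removed one such declaration but left these. Moving the two statements below the last declaration of the `#if` branch, and repeating `(void)argl;` in the `#else` branch, keeps the behaviour unchanged. The declaration list continues outside the hunk, and the doc comment above still carries the typo `othewise`.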
@@ -24948,7 +24948,7 @@ static int x509AddCertDir(void *p, const char *argc, long argl)
 return WOLFSSL_SUCCESS;
 #else
- (void)p;
+ (void)ctx;
 (void)argc;
 return WOLFSSL_NOT_IMPLEMENTED;
 #endif
@@ -41641,17 +41641,17 @@ static int wolfSSL_ASN1_STRING_canon(WOLFSSL_ASN1_STRING* asn_out,
 /* trimming spaces at the head and tail */
 dst--;
- for (; (len > 0 && XISSPACE(*dst));len--) {
+ for (; (len > 0 && XISSPACE(*dst)); len--) {
 dst--;
 }
- for (; (len > 0 && XISSPACE(*src));len--) {
+ for (; (len > 0 && XISSPACE(*src)); len--) {
 src++;
 }
 /* point to the start */
 dst = asn_out->data;
- for (i = 0; i < len;dst++, i++) {
+ for (i = 0; i < len; dst++, i++) {
 if (!XISASCII(*src)) {
 /* keep non-ascii code */
 *dst = *src++;
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 2ac3904b6..14fa0dc90 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1684,6 +1684,21 @@ WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_3(void);
 #endif
 #endif
+struct WOLFSSL_BY_DIR_HASH {
+ unsigned long hash_value;
+ int last_suffix;
+};
+
+struct WOLFSSL_BY_DIR_entry {
+ char* dir_name;
+ int dir_type;
+ WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *hashes;
+};
+
+struct WOLFSSL_BY_DIR {
+ WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *dir_entry;
+ wolfSSL_Mutex lock; /* dir list lock */
+};
 /* wolfSSL method type */
 struct WOLFSSL_METHOD {
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 961b1fb1a..5b6c26687 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -143,6 +143,10 @@ typedef struct WOLFSSL_X509_STORE_CTX WOLFSSL_X509_STORE_CTX;
 typedef int (*WOLFSSL_X509_STORE_CTX_verify_cb)(int, WOLFSSL_X509_STORE_CTX *);
+typedef struct WOLFSSL_BY_DIR_HASH WOLFSSL_BY_DIR_HASH;
+typedef struct WOLFSSL_BY_DIR_entry WOLFSSL_BY_DIR_entry;
+typedef struct WOLFSSL_BY_DIR WOLFSSL_BY_DIR;
+
 /* redeclare guard */
 #define WOLFSSL_TYPES_DEFINED
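Review bot: In wolfssl/internal.h the three WOLFSSL_BY_DIR structs arrive with `/* dir list lock */` as their only comment, so nothing states which fields `lock` protects. The LoadCrlCertByIssuer hunk in src/internal.c takes `lookup->dirs->lock` before it goes on to test `ph`, which suggests the per-entry `hashes` stacks are covered as well as `dir_entry`, but that is not visible in this patch. A comment on the member such as `/* guards dir_entry; presumably also each entry's hashes stack - confirm */`, with the scope confirmed by the author, would tell later callers when the mutex must be held.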
@@ -279,22 +283,6 @@ struct WOLFSSL_X509V3_CTX {
 WOLFSSL_X509* x509;
 };
-struct WOLFSSL_BY_DIR_HASH {
- unsigned long hash_value;
- int last_suffix;
-};
-
-struct WOLFSSL_BY_DIR_entry {
- char* dir_name;
- int dir_type;
- WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *hashes;
-};
-
-struct WOLFSSL_BY_DIR {
- WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *dir_entry;
- wolfSSL_Mutex lock; /* dir list lock */
-};
-
 struct WOLFSSL_ASN1_OBJECT {
 void* heap;
 const unsigned char* obj;