[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Fri May 1 18:37:51 UTC 2015


The branch master has been updated
       via  25aaa98aa249d26391c1994d2de449562c8b8b99 (commit)
      from  666964780a245c14e8f0eb6e13dd854a37387ea9 (commit)


- Log -----------------------------------------------------------------
commit 25aaa98aa249d26391c1994d2de449562c8b8b99
Author: Rich Salz <rsalz at openssl.org>
Date:   Fri May 1 14:37:16 2015 -0400

    free NULL cleanup -- coda
    
    After the finale, the "real" final part. :)  Do a recursive grep with
    "-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
    an "if NULL" check that can be removed.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/apps.c                    | 18 ++++-------
 apps/asn1pars.c                |  6 ++--
 apps/ca.c                      | 23 +++++---------
 apps/ciphers.c                 |  2 +-
 apps/cms.c                     | 27 ++++++----------
 apps/dgst.c                    |  9 ++----
 apps/engine.c                  |  3 +-
 apps/genrsa.c                  |  6 ++--
 apps/ocsp.c                    |  3 +-
 apps/openssl.c                 |  9 ++----
 apps/pkcs12.c                  |  3 +-
 apps/req.c                     |  8 ++---
 apps/s_cb.c                    |  6 ++--
 apps/s_server.c                | 34 +++++++-------------
 apps/sess_id.c                 |  3 +-
 apps/smime.c                   |  6 ++--
 apps/srp.c                     |  7 ++---
 apps/x509.c                    |  3 +-
 crypto/asn1/a_d2i_fp.c         |  9 ++----
 crypto/asn1/p5_pbe.c           |  3 +-
 crypto/asn1/x_crl.c            |  6 ++--
 crypto/cms/cms_cd.c            |  5 +--
 crypto/cms/cms_dd.c            |  5 +--
 crypto/cms/cms_enc.c           |  2 +-
 crypto/cms/cms_env.c           |  9 ++----
 crypto/cms/cms_ess.c           | 13 ++------
 crypto/cms/cms_kari.c          |  7 ++---
 crypto/cms/cms_smime.c         |  6 ++--
 crypto/conf/conf_def.c         | 11 +++----
 crypto/ec/ec_asn1.c            | 22 +++++--------
 crypto/ec/ec_lib.c             |  7 +----
 crypto/ec/ec_mult.c            |  3 +-
 crypto/engine/eng_dyn.c        |  3 +-
 crypto/err/err.c               |  6 ++--
 crypto/ex_data.c               |  6 ++--
 crypto/mem_dbg.c               | 15 ++++-----
 crypto/ocsp/ocsp_cl.c          |  7 ++---
 crypto/ocsp/ocsp_ext.c         |  6 ++--
 crypto/ocsp/ocsp_lib.c         |  3 +-
 crypto/ocsp/ocsp_srv.c         |  3 +-
 crypto/pem/pvkfmt.c            |  4 +--
 crypto/pqueue/pqueue.c         |  6 ----
 crypto/rsa/rsa_ameth.c         |  9 ++----
 crypto/stack/stack.c           |  3 +-
 crypto/store/str_mem.c         |  2 +-
 crypto/ts/ts_rsp_verify.c      |  3 +-
 crypto/txt_db/txt_db.c         | 43 ++++++++------------------
 crypto/x509/by_dir.c           | 12 +++-----
 crypto/x509/x509_obj.c         |  3 +-
 crypto/x509/x509_vfy.c         |  6 ++--
 crypto/x509/x509_vpm.c         | 14 +++------
 crypto/x509v3/pcy_cache.c      | 11 ++-----
 crypto/x509v3/pcy_data.c       |  2 ++
 crypto/x509v3/pcy_tree.c       |  3 +-
 crypto/x509v3/v3_crld.c        |  6 ++--
 demos/cms/cms_comp.c           |  5 +--
 demos/cms/cms_ddec.c           |  6 +---
 demos/cms/cms_dec.c            |  6 +---
 demos/cms/cms_denc.c           |  6 +---
 demos/cms/cms_enc.c            |  6 +---
 demos/cms/cms_sign.c           |  6 +---
 demos/cms/cms_sign2.c          |  6 +---
 demos/cms/cms_uncomp.c         |  6 +---
 demos/cms/cms_ver.c            |  7 +----
 demos/engines/ibmca/hw_ibmca.c |  3 +-
 engines/ccgost/gost2001.c      | 10 +++---
 engines/ccgost/gost2001_keyx.c |  3 +-
 ssl/d1_both.c                  |  7 +++--
 ssl/d1_clnt.c                  |  3 +-
 ssl/d1_lib.c                   |  6 ++--
 ssl/record/rec_layer_d1.c      | 13 +++-----
 ssl/s23_clnt.c                 |  3 +-
 ssl/s3_clnt.c                  | 13 +++-----
 ssl/s3_lib.c                   |  3 +-
 ssl/s3_srvr.c                  | 23 +++++---------
 ssl/ssl_cert.c                 | 34 ++++++++------------
 ssl/ssl_ciph.c                 |  3 +-
 ssl/ssl_lib.c                  | 70 +++++++++++++-----------------------------
 ssl/ssl_rsa.c                  |  7 ++---
 ssl/ssl_sess.c                 | 24 +++++----------
 test/ecdsatest.c               |  6 ++--
 test/evp_test.c                | 10 +++---
 82 files changed, 244 insertions(+), 511 deletions(-)

diff --git a/apps/apps.c b/apps/apps.c
index f2a17a4..1b76dbf 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -592,12 +592,9 @@ int load_cert_crl_http(const char *url, X509 **pcert, X509_CRL **pcrl)
     }
 
  err:
-    if (host)
-        OPENSSL_free(host);
-    if (path)
-        OPENSSL_free(path);
-    if (port)
-        OPENSSL_free(port);
+    OPENSSL_free(host);
+    OPENSSL_free(path);
+    OPENSSL_free(port);
     if (bio)
         BIO_free_all(bio);
     OCSP_REQ_CTX_free(rctx);
@@ -660,8 +657,7 @@ X509 *load_cert(const char *file, int format,
         BIO_printf(bio_err, "unable to load certificate\n");
         ERR_print_errors(bio_err);
     }
-    if (cert != NULL)
-        BIO_free(cert);
+    BIO_free(cert);
     return (x);
 }
 
@@ -761,8 +757,7 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin,
         goto end;
     }
  end:
-    if (key != NULL)
-        BIO_free(key);
+    BIO_free(key);
     if (pkey == NULL) {
         BIO_printf(bio_err, "unable to load %s\n", key_descrip);
         ERR_print_errors(bio_err);
@@ -849,8 +844,7 @@ EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin,
         pkey = b2i_PublicKey_bio(key);
 #endif
  end:
-    if (key != NULL)
-        BIO_free(key);
+    BIO_free(key);
     if (pkey == NULL)
         BIO_printf(bio_err, "unable to load %s\n", key_descrip);
     return (pkey);
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 01a50f4..61bdeab 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -319,15 +319,13 @@ int asn1parse_main(int argc, char **argv)
     BIO_free(b64);
     if (ret != 0)
         ERR_print_errors(bio_err);
-    if (buf != NULL)
-        BUF_MEM_free(buf);
+    BUF_MEM_free(buf);
     OPENSSL_free(name);
     OPENSSL_free(header);
     if (strictpem)
         OPENSSL_free(str);
     ASN1_TYPE_free(at);
-    if (osk != NULL)
-        sk_OPENSSL_STRING_free(osk);
+    sk_OPENSSL_STRING_free(osk);
     OBJ_cleanup();
     return (ret);
 }
diff --git a/apps/ca.c b/apps/ca.c
index ad6b000..0b92872 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -514,10 +514,8 @@ end_of_options:
                        errorline, configfile);
         goto end;
     }
-    if (tofree) {
-        OPENSSL_free(tofree);
-        tofree = NULL;
-    }
+    OPENSSL_free(tofree);
+    tofree = NULL;
 
     /* Lets get the config section we are using */
     if (section == NULL) {
@@ -1331,8 +1329,7 @@ end_of_options:
         /*****************************************************************/
     ret = 0;
  end:
-    if (tofree)
-        OPENSSL_free(tofree);
+    OPENSSL_free(tofree);
     BIO_free_all(Cout);
     BIO_free_all(Sout);
     BIO_free_all(out);
@@ -1342,13 +1339,12 @@ end_of_options:
     if (ret)
         ERR_print_errors(bio_err);
     app_RAND_write_file(randfile);
-    if (free_key && key)
+    if (free_key)
         OPENSSL_free(key);
     BN_free(serial);
     BN_free(crlnumber);
     free_index(db);
-    if (sigopts)
-        sk_OPENSSL_STRING_free(sigopts);
+    sk_OPENSSL_STRING_free(sigopts);
     EVP_PKEY_free(pkey);
     X509_free(x509);
     X509_CRL_free(crl);
@@ -2000,8 +1996,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     ok = 1;
  end:
     for (i = 0; i < DB_NUMBER; i++)
-        if (row[i] != NULL)
-            OPENSSL_free(row[i]);
+        OPENSSL_free(row[i]);
 
     X509_NAME_free(CAname);
     X509_NAME_free(subject);
@@ -2159,10 +2154,8 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
                  ext_copy, 0);
  end:
     X509_REQ_free(req);
-    if (parms != NULL)
-        CONF_free(parms);
-    if (spki != NULL)
-        NETSCAPE_SPKI_free(spki);
+    CONF_free(parms);
+    NETSCAPE_SPKI_free(spki);
     X509_NAME_ENTRY_free(ne);
 
     return (ok);
diff --git a/apps/ciphers.c b/apps/ciphers.c
index 3d84a2b..232fd60 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -214,7 +214,7 @@ int ciphers_main(int argc, char **argv)
  err:
     ERR_print_errors(bio_err);
  end:
-    if (use_supported && sk)
+    if (use_supported)
         sk_SSL_CIPHER_free(sk);
     SSL_CTX_free(ctx);
     SSL_free(ssl);
diff --git a/apps/cms.c b/apps/cms.c
index 25e3ad6..79d0b8f 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -1117,20 +1117,15 @@ int cms_main(int argc, char **argv)
     sk_X509_pop_free(encerts, X509_free);
     sk_X509_pop_free(other, X509_free);
     X509_VERIFY_PARAM_free(vpm);
-    if (sksigners)
-        sk_OPENSSL_STRING_free(sksigners);
-    if (skkeys)
-        sk_OPENSSL_STRING_free(skkeys);
+    sk_OPENSSL_STRING_free(sksigners);
+    sk_OPENSSL_STRING_free(skkeys);
     OPENSSL_free(secret_key);
     OPENSSL_free(secret_keyid);
     OPENSSL_free(pwri_tmp);
     ASN1_OBJECT_free(econtent_type);
-    if (rr)
-        CMS_ReceiptRequest_free(rr);
-    if (rr_to)
-        sk_OPENSSL_STRING_free(rr_to);
-    if (rr_from)
-        sk_OPENSSL_STRING_free(rr_from);
+    CMS_ReceiptRequest_free(rr);
+    sk_OPENSSL_STRING_free(rr_to);
+    sk_OPENSSL_STRING_free(rr_from);
     for (key_param = key_first; key_param;) {
         cms_key_param *tparam;
         sk_OPENSSL_STRING_free(key_param->param);
@@ -1247,8 +1242,7 @@ static void receipt_request_print(CMS_ContentInfo *cms)
             BIO_puts(bio_err, "  Receipts To:\n");
             gnames_stack_print(rto);
         }
-        if (rr)
-            CMS_ReceiptRequest_free(rr);
+        CMS_ReceiptRequest_free(rr);
     }
 }
 
@@ -1280,12 +1274,9 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
     return ret;
 
  err:
-    if (ret)
-        sk_GENERAL_NAMES_pop_free(ret, GENERAL_NAMES_free);
-    if (gens)
-        GENERAL_NAMES_free(gens);
-    if (gen)
-        GENERAL_NAME_free(gen);
+    sk_GENERAL_NAMES_pop_free(ret, GENERAL_NAMES_free);
+    GENERAL_NAMES_free(gens);
+    GENERAL_NAME_free(gen);
     return NULL;
 }
 
diff --git a/apps/dgst.c b/apps/dgst.c
index a679cb9..5d23492 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -443,14 +443,11 @@ int dgst_main(int argc, char **argv)
  end:
     OPENSSL_clear_free(buf, BUFSIZE);
     BIO_free(in);
-    if (passin)
-        OPENSSL_free(passin);
+    OPENSSL_free(passin);
     BIO_free_all(out);
     EVP_PKEY_free(sigkey);
-    if (sigopts)
-        sk_OPENSSL_STRING_free(sigopts);
-    if (macopts)
-        sk_OPENSSL_STRING_free(macopts);
+    sk_OPENSSL_STRING_free(sigopts);
+    sk_OPENSSL_STRING_free(macopts);
     OPENSSL_free(sigbuf);
     BIO_free(bmd);
     return (ret);
diff --git a/apps/engine.c b/apps/engine.c
index c7c0aaf..832cb0a 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -261,8 +261,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *out, const char *indent)
         BIO_printf(out, "\n");
     ret = 1;
  err:
-    if (cmds)
-        sk_OPENSSL_STRING_pop_free(cmds, identity);
+    sk_OPENSSL_STRING_pop_free(cmds, identity);
     OPENSSL_free(name);
     OPENSSL_free(desc);
     return ret;
diff --git a/apps/genrsa.c b/apps/genrsa.c
index a5ab658..e09e576 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -198,10 +198,8 @@ int genrsa_main(int argc, char **argv)
     if (hexe && dece) {
         BIO_printf(bio_err, "e is %s (0x%s)\n", dece, hexe);
     }
-    if (hexe)
-        OPENSSL_free(hexe);
-    if (dece)
-        OPENSSL_free(dece);
+    OPENSSL_free(hexe);
+    OPENSSL_free(dece);
     {
         PW_CB_DATA cb_data;
         cb_data.password = passout;
diff --git a/apps/ocsp.c b/apps/ocsp.c
index d4ea019..d4538a8 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -917,8 +917,7 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
                                          NULL);
             goto end;
         }
-        if (ca_id)
-            OCSP_CERTID_free(ca_id);
+        OCSP_CERTID_free(ca_id);
         ca_id = OCSP_cert_to_id(cert_id_md, NULL, ca);
 
         /* Is this request about our CA? */
diff --git a/apps/openssl.c b/apps/openssl.c
index c6b048a..b71f3d1 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -511,12 +511,9 @@ int main(int argc, char *argv[])
  end:
     OPENSSL_free(copied_argv);
     OPENSSL_free(to_free);
-    if (config != NULL) {
-        NCONF_free(config);
-        config = NULL;
-    }
-    if (prog != NULL)
-        lh_FUNCTION_free(prog);
+    NCONF_free(config);
+    config = NULL;
+    lh_FUNCTION_free(prog);
     OPENSSL_free(arg.argv);
 
     BIO_free(bio_in);
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 4c62392..0a4ee3e 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -554,8 +554,7 @@ int pkcs12_main(int argc, char **argv)
         app_RAND_write_file(NULL);
     BIO_free(in);
     BIO_free_all(out);
-    if (canames)
-        sk_OPENSSL_STRING_free(canames);
+    sk_OPENSSL_STRING_free(canames);
     OPENSSL_free(passin);
     OPENSSL_free(passout);
     return (ret);
diff --git a/apps/req.c b/apps/req.c
index e8e18ec..b9dc35c 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -872,16 +872,14 @@ int req_main(int argc, char **argv)
     if (ret) {
         ERR_print_errors(bio_err);
     }
-    if ((req_conf != NULL) && (req_conf != config))
+    if (req_conf != config)
         NCONF_free(req_conf);
     BIO_free(in);
     BIO_free_all(out);
     EVP_PKEY_free(pkey);
     EVP_PKEY_CTX_free(genctx);
-    if (pkeyopts)
-        sk_OPENSSL_STRING_free(pkeyopts);
-    if (sigopts)
-        sk_OPENSSL_STRING_free(sigopts);
+    sk_OPENSSL_STRING_free(pkeyopts);
+    sk_OPENSSL_STRING_free(sigopts);
 #ifndef OPENSSL_NO_ENGINE
     ENGINE_free(gen_eng);
 #endif
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 1f2d371..13a3a25 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1202,6 +1202,9 @@ static int ssl_excert_prepend(SSL_EXCERT **pexc)
 void ssl_excert_free(SSL_EXCERT *exc)
 {
     SSL_EXCERT *curr;
+
+    if (!exc)
+        return;
     while (exc) {
         X509_free(exc->cert);
         EVP_PKEY_free(exc->key);
@@ -1311,8 +1314,7 @@ int args_excert(int opt, SSL_EXCERT **pexc)
 
  err:
     ERR_print_errors(bio_err);
-    if (exc)
-        ssl_excert_free(exc);
+    ssl_excert_free(exc);
     *pexc = NULL;
     return 0;
 }
diff --git a/apps/s_server.c b/apps/s_server.c
index 5fb275d..fead620 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -475,8 +475,7 @@ static int ebcdic_free(BIO *a)
 {
     if (a == NULL)
         return (0);
-    if (a->ptr != NULL)
-        OPENSSL_free(a->ptr);
+    OPENSSL_free(a->ptr);
     a->ptr = NULL;
     a->init = 0;
     a->flags = 0;
@@ -725,12 +724,9 @@ static int cert_status_cb(SSL *s, void *arg)
         OPENSSL_free(port);
         X509_email_free(aia);
     }
-    if (id)
-        OCSP_CERTID_free(id);
-    if (req)
-        OCSP_REQUEST_free(req);
-    if (resp)
-        OCSP_RESPONSE_free(resp);
+    OCSP_CERTID_free(id);
+    OCSP_REQUEST_free(req);
+    OCSP_RESPONSE_free(resp);
     return ret;
  err:
     ret = SSL_TLSEXT_ERR_ALERT_FATAL;
@@ -1928,30 +1924,22 @@ int s_server_main(int argc, char *argv[])
     EVP_PKEY_free(s_dkey);
     sk_X509_pop_free(s_chain, X509_free);
     sk_X509_pop_free(s_dchain, X509_free);
-    if (pass)
-        OPENSSL_free(pass);
-    if (dpass)
-        OPENSSL_free(dpass);
+    OPENSSL_free(pass);
+    OPENSSL_free(dpass);
     X509_VERIFY_PARAM_free(vpm);
     free_sessions();
 #ifndef OPENSSL_NO_TLSEXT
-    if (tlscstatp.host)
-        OPENSSL_free(tlscstatp.host);
-    if (tlscstatp.port)
-        OPENSSL_free(tlscstatp.port);
-    if (tlscstatp.path)
-        OPENSSL_free(tlscstatp.path);
-    if (ctx2 != NULL)
+    OPENSSL_free(tlscstatp.host);
+    OPENSSL_free(tlscstatp.port);
+    OPENSSL_free(tlscstatp.path);
     SSL_CTX_free(ctx2);
     X509_free(s_cert2);
     EVP_PKEY_free(s_key2);
     BIO_free(serverinfo_in);
 # ifndef OPENSSL_NO_NEXTPROTONEG
-    if (next_proto.data)
-        OPENSSL_free(next_proto.data);
+    OPENSSL_free(next_proto.data);
 # endif
-    if (alpn_ctx.data)
-        OPENSSL_free(alpn_ctx.data);
+    OPENSSL_free(alpn_ctx.data);
 #endif
     ssl_excert_free(exc);
     sk_OPENSSL_STRING_free(ssl_args);
diff --git a/apps/sess_id.c b/apps/sess_id.c
index cfecd86..6816543 100644
--- a/apps/sess_id.c
+++ b/apps/sess_id.c
@@ -211,8 +211,7 @@ int sess_id_main(int argc, char **argv)
     ret = 0;
  end:
     BIO_free_all(out);
-    if (x != NULL)
-        SSL_SESSION_free(x);
+    SSL_SESSION_free(x);
     return (ret);
 }
 
diff --git a/apps/smime.c b/apps/smime.c
index 8b8520b..e544ca2 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -651,10 +651,8 @@ int smime_main(int argc, char **argv)
     sk_X509_pop_free(encerts, X509_free);
     sk_X509_pop_free(other, X509_free);
     X509_VERIFY_PARAM_free(vpm);
-    if (sksigners)
-        sk_OPENSSL_STRING_free(sksigners);
-    if (skkeys)
-        sk_OPENSSL_STRING_free(skkeys);
+    sk_OPENSSL_STRING_free(sksigners);
+    sk_OPENSSL_STRING_free(skkeys);
     X509_STORE_free(store);
     X509_free(cert);
     X509_free(recip);
diff --git a/apps/srp.c b/apps/srp.c
index 960ca82..8b44780 100644
--- a/apps/srp.c
+++ b/apps/srp.c
@@ -669,11 +669,8 @@ int srp_main(int argc, char **argv)
         ERR_print_errors(bio_err);
     if (randfile)
         app_RAND_write_file(randfile);
-    if (conf)
-        NCONF_free(conf);
-    if (db)
-        free_index(db);
-
+    NCONF_free(conf);
+    free_index(db);
     OBJ_cleanup();
     return (ret);
 }
diff --git a/apps/x509.c b/apps/x509.c
index 31ae38a..fe9b109 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -949,8 +949,7 @@ int x509_main(int argc, char **argv)
     EVP_PKEY_free(Upkey);
     EVP_PKEY_free(CApkey);
     EVP_PKEY_free(fkey);
-    if (sigopts)
-        sk_OPENSSL_STRING_free(sigopts);
+    sk_OPENSSL_STRING_free(sigopts);
     X509_REQ_free(rq);
     ASN1_INTEGER_free(sno);
     sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
index af1f7c6..13e47fd 100644
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@@ -97,8 +97,7 @@ void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x)
     p = (unsigned char *)b->data;
     ret = d2i(x, &p, len);
  err:
-    if (b != NULL)
-        BUF_MEM_free(b);
+    BUF_MEM_free(b);
     return (ret);
 }
 
@@ -118,8 +117,7 @@ void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
     p = (const unsigned char *)b->data;
     ret = ASN1_item_d2i(x, &p, len, it);
  err:
-    if (b != NULL)
-        BUF_MEM_free(b);
+    BUF_MEM_free(b);
     return (ret);
 }
 
@@ -264,7 +262,6 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
     *pb = b;
     return off;
  err:
-    if (b != NULL)
-        BUF_MEM_free(b);
+    BUF_MEM_free(b);
     return -1;
 }
diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
index a65b659..ec738de 100644
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -116,8 +116,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
         return 1;
 
  err:
-    if (pbe != NULL)
-        PBEPARAM_free(pbe);
+    PBEPARAM_free(pbe);
     ASN1_STRING_free(pbe_str);
     return 0;
 }
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
index e32556e..a32158b 100644
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@@ -281,10 +281,8 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
             if (!crl->meth->crl_free(crl))
                 return 0;
         }
-        if (crl->akid)
-            AUTHORITY_KEYID_free(crl->akid);
-        if (crl->idp)
-            ISSUING_DIST_POINT_free(crl->idp);
+        AUTHORITY_KEYID_free(crl->akid);
+        ISSUING_DIST_POINT_free(crl->idp);
         ASN1_INTEGER_free(crl->crl_number);
         ASN1_INTEGER_free(crl->base_crl_number);
         sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c
index aa3238f..8673e00 100644
--- a/crypto/cms/cms_cd.c
+++ b/crypto/cms/cms_cd.c
@@ -105,10 +105,7 @@ CMS_ContentInfo *cms_CompressedData_create(int comp_nid)
     return cms;
 
  err:
-
-    if (cms)
-        CMS_ContentInfo_free(cms);
-
+    CMS_ContentInfo_free(cms);
     return NULL;
 }
 
diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c
index d5fda1a..09ad319 100644
--- a/crypto/cms/cms_dd.c
+++ b/crypto/cms/cms_dd.c
@@ -88,10 +88,7 @@ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
     return cms;
 
  err:
-
-    if (cms)
-        CMS_ContentInfo_free(cms);
-
+    CMS_ContentInfo_free(cms);
     return NULL;
 }
 
diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index f1ac1d5..ed20c53 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -194,7 +194,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
     ok = 1;
 
  err:
-    if (ec->key && !keep_key) {
+    if (!keep_key) {
         OPENSSL_clear_free(ec->key, ec->keylen);
         ec->key = NULL;
     }
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index e8274be..7fefd24 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -168,8 +168,7 @@ CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
         goto merr;
     return cms;
  merr:
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE);
     return NULL;
 }
@@ -400,10 +399,8 @@ static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms,
     ret = 1;
 
  err:
-    if (pctx) {
-        EVP_PKEY_CTX_free(pctx);
-        ktri->pctx = NULL;
-    }
+    EVP_PKEY_CTX_free(pctx);
+    ktri->pctx = NULL;
     OPENSSL_free(ek);
     return ret;
 
diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c
index 21f41f6..9dfbd67 100644
--- a/crypto/cms/cms_ess.c
+++ b/crypto/cms/cms_ess.c
@@ -128,9 +128,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
     CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
 
  err:
-    if (rr)
-        CMS_ReceiptRequest_free(rr);
-
+    CMS_ReceiptRequest_free(rr);
     return NULL;
 
 }
@@ -337,10 +335,8 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
     r = 1;
 
  err:
-    if (rr)
-        CMS_ReceiptRequest_free(rr);
+    CMS_ReceiptRequest_free(rr);
     M_ASN1_free_of(rct, CMS_Receipt);
-
     return r;
 
 }
@@ -384,9 +380,6 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
     os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
 
  err:
-    if (rr)
-        CMS_ReceiptRequest_free(rr);
-
+    CMS_ReceiptRequest_free(rr);
     return os;
-
 }
diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index ea7fb5b..d860f09 100644
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -207,10 +207,9 @@ int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
 {
     EVP_PKEY_CTX *pctx;
     CMS_KeyAgreeRecipientInfo *kari = ri->d.kari;
-    if (kari->pctx) {
-        EVP_PKEY_CTX_free(kari->pctx);
-        kari->pctx = NULL;
-    }
+
+    EVP_PKEY_CTX_free(kari->pctx);
+    kari->pctx = NULL;
     if (!pk)
         return 1;
     pctx = EVP_PKEY_CTX_new(pk, NULL);
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index 8066602..d19ec6d 100644
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -512,8 +512,7 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
     CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE);
 
  err:
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     return NULL;
 }
 
@@ -614,8 +613,7 @@ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
  merr:
     CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE);
  err:
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     return NULL;
 }
 
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index bd2e8c0..0ed06e1 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -391,19 +391,17 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
             v = NULL;
         }
     }
-    if (buff != NULL)
-        BUF_MEM_free(buff);
+    BUF_MEM_free(buff);
     OPENSSL_free(section);
     return (1);
  err:
-    if (buff != NULL)
-        BUF_MEM_free(buff);
+    BUF_MEM_free(buff);
     OPENSSL_free(section);
     if (line != NULL)
         *line = eline;
     BIO_snprintf(btmp, sizeof btmp, "%ld", eline);
     ERR_add_error_data(2, "line ", btmp);
-    if ((h != conf->data) && (conf->data != NULL)) {
+    if (h != conf->data) {
         CONF_free(conf->data);
         conf->data = NULL;
     }
@@ -595,8 +593,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
     OPENSSL_free(buf);
     return (1);
  err:
-    if (buf != NULL)
-        BUF_MEM_free(buf);
+    BUF_MEM_free(buf);
     return (0);
 }
 
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index c86f22e..638f849 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -994,7 +994,6 @@ int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
 
 EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 {
-    int ok = 0;
     EC_KEY *ret = NULL;
     EC_PRIVATEKEY *priv_key = NULL;
 
@@ -1075,18 +1074,14 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 
     if (a)
         *a = ret;
-    ok = 1;
- err:
-    if (!ok) {
-        if (a == NULL || *a != ret)
-            EC_KEY_free(ret);
-        ret = NULL;
-    }
-
-    if (priv_key)
-        EC_PRIVATEKEY_free(priv_key);
-
+    EC_PRIVATEKEY_free(priv_key);
     return (ret);
+
+ err:
+    if (a == NULL || *a != ret)
+        EC_KEY_free(ret);
+    EC_PRIVATEKEY_free(priv_key);
+    return NULL;
 }
 
 int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
@@ -1190,8 +1185,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
     ok = 1;
  err:
     OPENSSL_free(buffer);
-    if (priv_key)
-        EC_PRIVATEKEY_free(priv_key);
+    EC_PRIVATEKEY_free(priv_key);
     return (ok ? ret : 0);
 }
 
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 02de91d..628e879 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -132,16 +132,11 @@ void EC_GROUP_free(EC_GROUP *group)
         group->meth->group_finish(group);
 
     EC_EX_DATA_free_all_data(&group->extra_data);
-
     BN_MONT_CTX_free(group->mont_data);
-
     EC_POINT_free(group->generator);
     BN_free(group->order);
     BN_free(group->cofactor);
-
-    if (group->seed)
-        OPENSSL_free(group->seed);
-
+    OPENSSL_free(group->seed);
     OPENSSL_free(group);
 }
 
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 115bc42..bd99c82 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -742,8 +742,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
     if (ctx != NULL)
         BN_CTX_end(ctx);
     BN_CTX_free(new_ctx);
-    if (pre_comp)
-        ec_pre_comp_free(pre_comp);
+    ec_pre_comp_free(pre_comp);
     if (points) {
         EC_POINT **p;
 
diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index 02590e0..84d8e86 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -189,8 +189,7 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr,
         DSO_free(ctx->dynamic_dso);
         OPENSSL_free(ctx->DYNAMIC_LIBNAME);
         OPENSSL_free(ctx->engine_id);
-        if (ctx->dirs)
-            sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str);
+        sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str);
         OPENSSL_free(ctx);
     }
 }
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 308504a..e1091e3 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -559,10 +559,8 @@ void ERR_unload_strings(int lib, ERR_STRING_DATA *str)
 void ERR_free_strings(void)
 {
     CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    if (int_error_hash) {
-        lh_ERR_STRING_DATA_free(int_error_hash);
-        int_error_hash = NULL;
-    }
+    lh_ERR_STRING_DATA_free(int_error_hash);
+    int_error_hash = NULL;
     CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
 }
 
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index 66070f6..96ecd94 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -524,10 +524,8 @@ static void int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
         }
     }
     OPENSSL_free(storage);
-    if (ad->sk) {
-        sk_void_free(ad->sk);
-        ad->sk = NULL;
-    }
+    sk_void_free(ad->sk);
+    ad->sk = NULL;
 }
 
 /********************************************************************/
diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
index 402df01..dee1fb9 100644
--- a/crypto/mem_dbg.c
+++ b/crypto/mem_dbg.c
@@ -197,10 +197,10 @@ static CRYPTO_THREADID disabling_threadid;
 
 static void app_info_free(APP_INFO *inf)
 {
+    if (!inf)
+        return;
     if (--(inf->references) <= 0) {
-        if (inf->next != NULL) {
-            app_info_free(inf->next);
-        }
+        app_info_free(inf->next);
         OPENSSL_free(inf);
     }
 }
@@ -559,8 +559,7 @@ void CRYPTO_dbg_free(void *addr, int before_p)
                 fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] - 0x%p (%d)\n",
                         mp->order, mp->addr, mp->num);
 #endif
-                if (mp->app_info != NULL)
-                    app_info_free(mp->app_info);
+                app_info_free(mp->app_info);
                 OPENSSL_free(mp);
             }
 
@@ -763,10 +762,8 @@ void CRYPTO_mem_leaks(BIO *b)
         old_mh_mode = mh_mode;
         mh_mode = CRYPTO_MEM_CHECK_OFF;
 
-        if (mh != NULL) {
-            lh_MEM_free(mh);
-            mh = NULL;
-        }
+        lh_MEM_free(mh);
+        mh = NULL;
         if (amih != NULL) {
             if (lh_APP_INFO_num_items(amih) == 0) {
                 lh_APP_INFO_free(amih);
diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c
index 78d817d..0f3f13f 100644
--- a/crypto/ocsp/ocsp_cl.c
+++ b/crypto/ocsp/ocsp_cl.c
@@ -91,8 +91,7 @@ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
 
     if (!(one = OCSP_ONEREQ_new()))
         goto err;
-    if (one->reqCert)
-        OCSP_CERTID_free(one->reqCert);
+    OCSP_CERTID_free(one->reqCert);
     one->reqCert = cid;
     if (req && !sk_OCSP_ONEREQ_push(req->tbsRequest->requestList, one))
         goto err;
@@ -107,6 +106,7 @@ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
 int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
 {
     GENERAL_NAME *gen;
+
     gen = GENERAL_NAME_new();
     if (gen == NULL)
         return 0;
@@ -115,8 +115,7 @@ int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
         return 0;
     }
     gen->type = GEN_DIRNAME;
-    if (req->tbsRequest->requestorName)
-        GENERAL_NAME_free(req->tbsRequest->requestorName);
+    GENERAL_NAME_free(req->tbsRequest->requestorName);
     req->tbsRequest->requestorName = gen;
     return 1;
 }
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c
index 91eac9b..8a35f75 100644
--- a/crypto/ocsp/ocsp_ext.c
+++ b/crypto/ocsp/ocsp_ext.c
@@ -437,8 +437,7 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
     }
     x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
  err:
-    if (cid)
-        OCSP_CRLID_free(cid);
+    OCSP_CRLID_free(cid);
     return x;
 }
 
@@ -516,7 +515,6 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
     }
     x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
  err:
-    if (sloc)
-        OCSP_SERVICELOC_free(sloc);
+    OCSP_SERVICELOC_free(sloc);
     return x;
 }
diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c
index ac64b65..62a5812 100644
--- a/crypto/ocsp/ocsp_lib.c
+++ b/crypto/ocsp/ocsp_lib.c
@@ -142,8 +142,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
  digerr:
     OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR);
  err:
-    if (cid)
-        OCSP_CERTID_free(cid);
+    OCSP_CERTID_free(cid);
     return NULL;
 }
 
diff --git a/crypto/ocsp/ocsp_srv.c b/crypto/ocsp/ocsp_srv.c
index 00cafea..1afa68c 100644
--- a/crypto/ocsp/ocsp_srv.c
+++ b/crypto/ocsp/ocsp_srv.c
@@ -130,8 +130,7 @@ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs)
          goto err;
     return rsp;
  err:
-    if (rsp)
-        OCSP_RESPONSE_free(rsp);
+    OCSP_RESPONSE_free(rsp);
     return NULL;
 }
 
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 9e9c948..d2a5952 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -674,6 +674,7 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
     const unsigned char *p = *in;
     unsigned int magic;
     unsigned char *enctmp = NULL, *q;
+
     EVP_CIPHER_CTX cctx;
     EVP_CIPHER_CTX_init(&cctx);
     if (saltlen) {
@@ -736,8 +737,7 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
     ret = b2i_PrivateKey(&p, keylen);
  err:
     EVP_CIPHER_CTX_cleanup(&cctx);
-    if (saltlen)
-        OPENSSL_free(enctmp);
+    OPENSSL_free(enctmp);
     return ret;
 }
 
diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c
index a4af9f9..725fe38 100644
--- a/crypto/pqueue/pqueue.c
+++ b/crypto/pqueue/pqueue.c
@@ -82,9 +82,6 @@ pitem *pitem_new(unsigned char *prio64be, void *data)
 
 void pitem_free(pitem *item)
 {
-    if (item == NULL)
-        return;
-
     OPENSSL_free(item);
 }
 
@@ -100,9 +97,6 @@ pqueue_s *pqueue_new()
 
 void pqueue_free(pqueue_s *pq)
 {
-    if (pq == NULL)
-        return;
-
     OPENSSL_free(pq);
 }
 
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 9313c93..e9ccd7e 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -378,8 +378,7 @@ static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
         X509_ALGOR *maskHash;
         pss = rsa_pss_decode(sigalg, &maskHash);
         rv = rsa_pss_param_print(bp, pss, maskHash, indent);
-        if (pss)
-            RSA_PSS_PARAMS_free(pss);
+        RSA_PSS_PARAMS_free(pss);
         X509_ALGOR_free(maskHash);
         if (!rv)
             return 0;
@@ -557,8 +556,7 @@ static ASN1_STRING *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx)
          goto err;
     rv = 1;
  err:
-    if (pss)
-        RSA_PSS_PARAMS_free(pss);
+    RSA_PSS_PARAMS_free(pss);
     if (rv)
         return os;
     ASN1_STRING_free(os);
@@ -896,8 +894,7 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
     os = NULL;
     rv = 1;
  err:
-    if (oaep)
-        RSA_OAEP_PARAMS_free(oaep);
+    RSA_OAEP_PARAMS_free(oaep);
     ASN1_STRING_free(os);
     return rv;
 }
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
index 7611631..7922188 100644
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@@ -106,8 +106,7 @@ _STACK *sk_dup(_STACK *sk)
     ret->comp = sk->comp;
     return (ret);
  err:
-    if (ret)
-        sk_free(ret);
+    sk_free(ret);
     return (NULL);
 }
 
diff --git a/crypto/store/str_mem.c b/crypto/store/str_mem.c
index 8687100..f1cca6a 100644
--- a/crypto/store/str_mem.c
+++ b/crypto/store/str_mem.c
@@ -346,7 +346,7 @@ static int mem_list_end(STORE *s, void *handle)
         STOREerr(STORE_F_MEM_LIST_END, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
-    if (context && context->search_attributes)
+    if (context)
         sk_STORE_ATTR_INFO_free(context->search_attributes);
     OPENSSL_free(context);
     return 1;
diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
index 3ce765d..a89f9cb 100644
--- a/crypto/ts/ts_rsp_verify.c
+++ b/crypto/ts/ts_rsp_verify.c
@@ -718,8 +718,7 @@ static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
         gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
                                      NULL, &idx);
     }
-    if (gen_names)
-        GENERAL_NAMES_free(gen_names);
+    GENERAL_NAMES_free(gen_names);
 
     return found;
 }
diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c
index 029d0bb..49d8ccc 100644
--- a/crypto/txt_db/txt_db.c
+++ b/crypto/txt_db/txt_db.c
@@ -71,7 +71,6 @@ const char TXT_DB_version[] = "TXT_DB" OPENSSL_VERSION_PTEXT;
 TXT_DB *TXT_DB_read(BIO *in, int num)
 {
     TXT_DB *ret = NULL;
-    int er = 1;
     int esc = 0;
     long ln = 0;
     int i, add, n;
@@ -161,36 +160,23 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
                     "wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",
                     ln, num, n, f);
 #endif
-            er = 2;
             goto err;
         }
         pp[n] = p;
-        if (!sk_OPENSSL_PSTRING_push(ret->data, pp)) {
-#if !defined(OPENSSL_NO_STDIO)  /* temporary fix :-( */
-            fprintf(stderr, "failure in sk_push\n");
-#endif
-            er = 2;
+        if (!sk_OPENSSL_PSTRING_push(ret->data, pp))
             goto err;
-        }
     }
-    er = 0;
+    BUF_MEM_free(buf);
+    return ret;
  err:
     BUF_MEM_free(buf);
-    if (er) {
-#if !defined(OPENSSL_NO_STDIO)
-        if (er == 1)
-            fprintf(stderr, "OPENSSL_malloc failure\n");
-#endif
-        if (ret != NULL) {
-            if (ret->data != NULL)
-                sk_OPENSSL_PSTRING_free(ret->data);
-            OPENSSL_free(ret->index);
-            OPENSSL_free(ret->qual);
-            OPENSSL_free(ret);
-        }
-        return (NULL);
-    } else
-        return (ret);
+    if (ret != NULL) {
+        sk_OPENSSL_PSTRING_free(ret->data);
+        OPENSSL_free(ret->index);
+        OPENSSL_free(ret->qual);
+        OPENSSL_free(ret);
+    }
+    return (NULL);
 }
 
 OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
@@ -242,8 +228,7 @@ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
             return (0);
         }
     }
-    if (db->index[field] != NULL)
-        lh_OPENSSL_STRING_free(db->index[field]);
+    lh_OPENSSL_STRING_free(db->index[field]);
     db->index[field] = idx;
     db->qual[field] = qual;
     return (1);
@@ -292,8 +277,7 @@ long TXT_DB_write(BIO *out, TXT_DB *db)
     }
     ret = tot;
  err:
-    if (buf != NULL)
-        BUF_MEM_free(buf);
+    BUF_MEM_free(buf);
     return (ret);
 }
 
@@ -343,8 +327,7 @@ void TXT_DB_free(TXT_DB *db)
 
     if (db->index != NULL) {
         for (i = db->num_fields - 1; i >= 0; i--)
-            if (db->index[i] != NULL)
-                lh_OPENSSL_STRING_free(db->index[i]);
+            lh_OPENSSL_STRING_free(db->index[i]);
         OPENSSL_free(db->index);
     }
     OPENSSL_free(db->qual);
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 31b3c3c..304cf4a 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -177,8 +177,7 @@ static int by_dir_hash_cmp(const BY_DIR_HASH *const *a,
 static void by_dir_entry_free(BY_DIR_ENTRY *ent)
 {
     OPENSSL_free(ent->dir);
-    if (ent->hashes)
-        sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
+    sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
     OPENSSL_free(ent);
 }
 
@@ -187,10 +186,8 @@ static void free_dir(X509_LOOKUP *lu)
     BY_DIR *a;
 
     a = (BY_DIR *)lu->method_data;
-    if (a->dirs != NULL)
-        sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
-    if (a->buffer != NULL)
-        BUF_MEM_free(a->buffer);
+    sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
+    BUF_MEM_free(a->buffer);
     OPENSSL_free(a);
 }
 
@@ -435,7 +432,6 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
         }
     }
  finish:
-    if (b != NULL)
-        BUF_MEM_free(b);
+    BUF_MEM_free(b);
     return (ok);
 }
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index 4e80c1b..ca6ff5d 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -207,7 +207,6 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
     return (p);
  err:
     X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
-    if (b != NULL)
-        BUF_MEM_free(b);
+    BUF_MEM_free(b);
     return (NULL);
 }
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 522f9b9..3f4fb81 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1020,10 +1020,8 @@ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
         *pscore = best_score;
         *preasons = best_reasons;
         CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
-        if (*pdcrl) {
-            X509_CRL_free(*pdcrl);
-            *pdcrl = NULL;
-        }
+        X509_CRL_free(*pdcrl);
+        *pdcrl = NULL;
         get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
     }
 
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index b0d9c4d..29ee8a7 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -83,8 +83,6 @@ static void str_free(char *s)
     OPENSSL_free(s);
 }
 
-#define string_stack_free(sk) sk_OPENSSL_STRING_pop_free(sk, str_free)
-
 static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode,
                                     const char *name, size_t namelen)
 {
@@ -101,8 +99,8 @@ static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode,
     if (name && name[namelen - 1] == '\0')
         --namelen;
 
-    if (mode == SET_HOST && id->hosts) {
-        string_stack_free(id->hosts);
+    if (mode == SET_HOST) {
+        sk_OPENSSL_STRING_pop_free(id->hosts, str_free);
         id->hosts = NULL;
     }
     if (name == NULL || namelen == 0)
@@ -147,7 +145,7 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
     sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free);
     param->policies = NULL;
     paramid = param->id;
-    string_stack_free(paramid->hosts);
+    sk_OPENSSL_STRING_pop_free(paramid->hosts, str_free);
     paramid->hosts = NULL;
     OPENSSL_free(paramid->peername);
     OPENSSL_free(paramid->email);
@@ -287,10 +285,8 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
 
     /* Copy the host flags if and only if we're copying the host list */
     if (test_x509_verify_param_copy_id(hosts, NULL)) {
-        if (dest->id->hosts) {
-            string_stack_free(dest->id->hosts);
-            dest->id->hosts = NULL;
-        }
+        sk_OPENSSL_STRING_pop_free(dest->id->hosts, str_free);
+        dest->id->hosts = NULL;
         if (id->hosts) {
             dest->id->hosts =
                 sk_OPENSSL_STRING_deep_copy(id->hosts, str_copy, str_free);
diff --git a/crypto/x509v3/pcy_cache.c b/crypto/x509v3/pcy_cache.c
index 1f07fe2..1f94260 100644
--- a/crypto/x509v3/pcy_cache.c
+++ b/crypto/x509v3/pcy_cache.c
@@ -110,8 +110,7 @@ static int policy_cache_create(X509 *x,
  bad_policy:
     if (ret == -1)
         x->ex_flags |= EXFLAG_INVALID_POLICY;
-    if (data)
-        policy_data_free(data);
+    policy_data_free(data);
     sk_POLICYINFO_pop_free(policies, POLICYINFO_free);
     if (ret <= 0) {
         sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
@@ -206,11 +205,8 @@ static int policy_cache_new(X509 *x)
     x->ex_flags |= EXFLAG_INVALID_POLICY;
 
  just_cleanup:
-    if (ext_pcons)
-        POLICY_CONSTRAINTS_free(ext_pcons);
-
+    POLICY_CONSTRAINTS_free(ext_pcons);
     ASN1_INTEGER_free(ext_any);
-
     return 1;
 
 }
@@ -219,8 +215,7 @@ void policy_cache_free(X509_POLICY_CACHE *cache)
 {
     if (!cache)
         return;
-    if (cache->anyPolicy)
-        policy_data_free(cache->anyPolicy);
+    policy_data_free(cache->anyPolicy);
     sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
     OPENSSL_free(cache);
 }
diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c
index 3a8d432..37c867e 100644
--- a/crypto/x509v3/pcy_data.c
+++ b/crypto/x509v3/pcy_data.c
@@ -67,6 +67,8 @@
 
 void policy_data_free(X509_POLICY_DATA *data)
 {
+    if (!data)
+        return;
     ASN1_OBJECT_free(data->valid_policy);
     /* Don't free qualifiers if shared */
     if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 1f85c37..f1bcb05 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -657,8 +657,7 @@ void X509_policy_tree_free(X509_POLICY_TREE *tree)
     for (i = 0, curr = tree->levels; i < tree->nlevel; i++, curr++) {
         X509_free(curr->cert);
         sk_X509_POLICY_NODE_pop_free(curr->nodes, policy_node_free);
-        if (curr->anyPolicy)
-            policy_node_free(curr->anyPolicy);
+        policy_node_free(curr->anyPolicy);
     }
 
     sk_X509_POLICY_DATA_pop_free(tree->extra_data, policy_data_free);
diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c
index 48a6a9d..8ffcdd7 100644
--- a/crypto/x509v3/v3_crld.c
+++ b/crypto/x509v3/v3_crld.c
@@ -173,8 +173,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
     return 1;
 
  err:
-    if (fnm)
-        sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
+    sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
     sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
     return -1;
 }
@@ -279,8 +278,7 @@ static DIST_POINT *crldp_from_section(X509V3_CTX *ctx,
     return point;
 
  err:
-    if (point)
-        DIST_POINT_free(point);
+    DIST_POINT_free(point);
     return NULL;
 }
 
diff --git a/demos/cms/cms_comp.c b/demos/cms/cms_comp.c
index e117d37..f902d20 100644
--- a/demos/cms/cms_comp.c
+++ b/demos/cms/cms_comp.c
@@ -48,11 +48,8 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     BIO_free(in);
     BIO_free(out);
-
     return ret;
-
 }
diff --git a/demos/cms/cms_ddec.c b/demos/cms/cms_ddec.c
index 36bb4ee..3b23e8d 100644
--- a/demos/cms/cms_ddec.c
+++ b/demos/cms/cms_ddec.c
@@ -68,16 +68,12 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     X509_free(rcert);
     EVP_PKEY_free(rkey);
-
     BIO_free(in);
     BIO_free(out);
     BIO_free(tbio);
     BIO_free(dcont);
-
     return ret;
-
 }
diff --git a/demos/cms/cms_dec.c b/demos/cms/cms_dec.c
index 832b54d..22181c2 100644
--- a/demos/cms/cms_dec.c
+++ b/demos/cms/cms_dec.c
@@ -59,15 +59,11 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     X509_free(rcert);
     EVP_PKEY_free(rkey);
-
     BIO_free(in);
     BIO_free(out);
     BIO_free(tbio);
-
     return ret;
-
 }
diff --git a/demos/cms/cms_denc.c b/demos/cms/cms_denc.c
index f91fec1..8aa82aa 100644
--- a/demos/cms/cms_denc.c
+++ b/demos/cms/cms_denc.c
@@ -77,16 +77,12 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     X509_free(rcert);
     sk_X509_pop_free(recips, X509_free);
-
     BIO_free(in);
     BIO_free(out);
     BIO_free(dout);
     BIO_free(tbio);
-
     return ret;
-
 }
diff --git a/demos/cms/cms_enc.c b/demos/cms/cms_enc.c
index ba62f79..f4ba542 100644
--- a/demos/cms/cms_enc.c
+++ b/demos/cms/cms_enc.c
@@ -73,15 +73,11 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     X509_free(rcert);
     sk_X509_pop_free(recips, X509_free);
-
     BIO_free(in);
     BIO_free(out);
     BIO_free(tbio);
-
     return ret;
-
 }
diff --git a/demos/cms/cms_sign.c b/demos/cms/cms_sign.c
index e9871df..8b5a64d 100644
--- a/demos/cms/cms_sign.c
+++ b/demos/cms/cms_sign.c
@@ -69,15 +69,11 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(cms);
     X509_free(scert);
     EVP_PKEY_free(skey);
-
     BIO_free(in);
     BIO_free(out);
     BIO_free(tbio);
-
     return ret;
-
 }
diff --git a/demos/cms/cms_sign2.c b/demos/cms/cms_sign2.c
index 127f586..9fdd035 100644
--- a/demos/cms/cms_sign2.c
+++ b/demos/cms/cms_sign2.c
@@ -77,9 +77,7 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
-
+    CMS_ContentInfo_free(cms);
     X509_free(scert);
     EVP_PKEY_free(skey);
     X509_free(scert2);
@@ -87,7 +85,5 @@ int main(int argc, char **argv)
     BIO_free(in);
     BIO_free(out);
     BIO_free(tbio);
-
     return ret;
-
 }
diff --git a/demos/cms/cms_uncomp.c b/demos/cms/cms_uncomp.c
index 8d45834..2c10b81 100644
--- a/demos/cms/cms_uncomp.c
+++ b/demos/cms/cms_uncomp.c
@@ -42,12 +42,8 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
-
+    CMS_ContentInfo_free(cms);
     BIO_free(in);
     BIO_free(out);
-
     return ret;
-
 }
diff --git a/demos/cms/cms_ver.c b/demos/cms/cms_ver.c
index 0f34bbf..c6e83c0 100644
--- a/demos/cms/cms_ver.c
+++ b/demos/cms/cms_ver.c
@@ -67,15 +67,10 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
-    if (cms)
-        CMS_ContentInfo_free(cms);
-
+    CMS_ContentInfo_free(cms);
     X509_free(cacert);
-
     BIO_free(in);
     BIO_free(out);
     BIO_free(tbio);
-
     return ret;
-
 }
diff --git a/demos/engines/ibmca/hw_ibmca.c b/demos/engines/ibmca/hw_ibmca.c
index 820abe8..fb5b8db 100644
--- a/demos/engines/ibmca/hw_ibmca.c
+++ b/demos/engines/ibmca/hw_ibmca.c
@@ -596,8 +596,7 @@ static int ibmca_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
                                       rsa->dmq1, rsa->iqmp, ctx);
     }
  err:
-    if (ctx)
-        BN_CTX_free(ctx);
+    BN_CTX_free(ctx);
     return to_return;
 }
 #  endif
diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c
index 5490a5d..8b56a30 100644
--- a/engines/ccgost/gost2001.c
+++ b/engines/ccgost/gost2001.c
@@ -109,8 +109,8 @@ int fill_GOST2001_params(EC_KEY *eckey, int nid)
     }
     ok = 1;
  err:
-    if (P) EC_POINT_free(P);
-    if (grp) EC_GROUP_free(grp);
+    EC_POINT_free(P);
+    EC_GROUP_free(grp);
     if (ctx)
         BN_CTX_end(ctx);
     BN_CTX_free(ctx);
@@ -243,7 +243,7 @@ DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
     if (ctx)
         BN_CTX_end(ctx);
     BN_CTX_free(ctx);
-    if (C) EC_POINT_free(C);
+    EC_POINT_free(C);
     BN_free(md);
     if (!ret)
         DSA_SIG_free(newsig);
@@ -361,7 +361,7 @@ int gost2001_do_verify(const unsigned char *dgst, int dgst_len,
         ok = 1;
     }
  err:
-    if (C) EC_POINT_free(C);
+    EC_POINT_free(C);
     if (ctx)
         BN_CTX_end(ctx);
     BN_CTX_free(ctx);
@@ -413,7 +413,7 @@ int gost2001_compute_public(EC_KEY *ec)
     }
     ok = 256;
  err:
-    if (pub_key) EC_POINT_free(pub_key);
+    EC_POINT_free(pub_key);
     if (ctx)
         BN_CTX_end(ctx);
     BN_CTX_free(ctx);
diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c
index 864d01b..abbacbb 100644
--- a/engines/ccgost/gost2001_keyx.c
+++ b/engines/ccgost/gost2001_keyx.c
@@ -285,7 +285,6 @@ int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
     ret = 1;
  err:
     EVP_PKEY_free(eph_key);
-    if (gkt)
-        GOST_KEY_TRANSPORT_free(gkt);
+    GOST_KEY_TRANSPORT_free(gkt);
     return ret;
 }
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 7b7f876..3af3ba1 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -203,7 +203,8 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
 
 void dtls1_hm_fragment_free(hm_fragment *frag)
 {
-
+    if (!frag)
+        return;
     if (frag->msg_header.is_ccs) {
         EVP_CIPHER_CTX_free(frag->msg_header.
                             saved_retransmit_state.enc_write_ctx);
@@ -724,7 +725,7 @@ dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr, int *ok)
     return DTLS1_HM_FRAGMENT_RETRY;
 
  err:
-    if (frag != NULL && item == NULL)
+    if (item == NULL)
         dtls1_hm_fragment_free(frag);
     *ok = 0;
     return i;
@@ -821,7 +822,7 @@ dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr,
     return DTLS1_HM_FRAGMENT_RETRY;
 
  err:
-    if (frag != NULL && item == NULL)
+    if (item == NULL)
         dtls1_hm_fragment_free(frag);
     *ok = 0;
     return i;
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 0f4373e..b8efa88 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -781,8 +781,7 @@ int dtls1_connect(SSL *s)
              s->in_handshake, NULL);
 #endif
 
-    if (buf != NULL)
-        BUF_MEM_free(buf);
+    BUF_MEM_free(buf);
     if (cb != NULL)
         cb(s, SSL_CB_CONNECT_EXIT, ret);
     return (ret);
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 6946b32..81d532c 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -153,10 +153,8 @@ int dtls1_new(SSL *s)
     d1->mtu = 0;
 
     if (!d1->buffered_messages || !d1->sent_messages) {
-        if (d1->buffered_messages)
-            pqueue_free(d1->buffered_messages);
-        if (d1->sent_messages)
-            pqueue_free(d1->sent_messages);
+        pqueue_free(d1->buffered_messages);
+        pqueue_free(d1->sent_messages);
         OPENSSL_free(d1);
         ssl3_free(s);
         return (0);
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index a78f150..a484c97 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -140,12 +140,9 @@ int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl)
 
     if (!d->unprocessed_rcds.q || !d->processed_rcds.q
         || !d->buffered_app_data.q) {
-        if (d->unprocessed_rcds.q)
-            pqueue_free(d->unprocessed_rcds.q);
-        if (d->processed_rcds.q)
-            pqueue_free(d->processed_rcds.q);
-        if (d->buffered_app_data.q)
-            pqueue_free(d->buffered_app_data.q);
+        pqueue_free(d->unprocessed_rcds.q);
+        pqueue_free(d->processed_rcds.q);
+        pqueue_free(d->buffered_app_data.q);
         OPENSSL_free(d);
         rl->d = NULL;
         return (0);
@@ -266,9 +263,7 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
     item = pitem_new(priority, rdata);
     if (rdata == NULL || item == NULL) {
         OPENSSL_free(rdata);
-        if (item != NULL)
-            pitem_free(item);
-
+        pitem_free(item);
         SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
         return -1;
     }
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 4196eac..3434340 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -249,8 +249,7 @@ int ssl23_connect(SSL *s)
     }
  end:
     s->in_handshake--;
-    if (buf != NULL)
-        BUF_MEM_free(buf);
+    BUF_MEM_free(buf);
     if (cb != NULL)
         cb(s, SSL_CB_CONNECT_EXIT, ret);
     return (ret);
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 7915052..f81f160 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -599,11 +599,8 @@ int ssl3_connect(SSL *s)
         case SSL_ST_OK:
             /* clean a few things up */
             ssl3_cleanup_key_block(s);
-
-            if (s->init_buf != NULL) {
-                BUF_MEM_free(s->init_buf);
-                s->init_buf = NULL;
-            }
+            BUF_MEM_free(s->init_buf);
+            s->init_buf = NULL;
 
             /*
              * If we are not 'joining' the last two packets, remove the
@@ -657,8 +654,7 @@ int ssl3_connect(SSL *s)
     }
  end:
     s->in_handshake--;
-    if (buf != NULL)
-        BUF_MEM_free(buf);
+    BUF_MEM_free(buf);
     if (cb != NULL)
         cb(s, SSL_CB_CONNECT_EXIT, ret);
     return (ret);
@@ -3319,8 +3315,7 @@ int ssl3_send_client_certificate(SSL *s)
         }
 
         X509_free(x509);
-        if (pkey != NULL)
-            EVP_PKEY_free(pkey);
+        EVP_PKEY_free(pkey);
         if (i && !ssl3_check_client_certificate(s))
             i = 0;
         if (i == 0) {
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 4610e7f..c2fddb8 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3131,8 +3131,7 @@ void ssl3_free(SSL *s)
     if (s->s3->handshake_dgst)
         ssl3_free_digest_list(s);
 #ifndef OPENSSL_NO_TLSEXT
-    if (s->s3->alpn_selected)
-        OPENSSL_free(s->s3->alpn_selected);
+    OPENSSL_free(s->s3->alpn_selected);
 #endif
 
 #ifndef OPENSSL_NO_SRP
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 5b83407..d2c8995 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1272,14 +1272,9 @@ int ssl3_get_client_hello(SSL *s)
             }
 
             s->session->cipher = pref_cipher;
-
-            if (s->cipher_list)
-                sk_SSL_CIPHER_free(s->cipher_list);
-
-            if (s->cipher_list_by_id)
-                sk_SSL_CIPHER_free(s->cipher_list_by_id);
-
+            sk_SSL_CIPHER_free(s->cipher_list);
             s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
+            sk_SSL_CIPHER_free(s->cipher_list_by_id);
             s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
         }
     }
@@ -1371,8 +1366,7 @@ int ssl3_get_client_hello(SSL *s)
 #else
         s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
 #endif
-        if (s->session->ciphers != NULL)
-            sk_SSL_CIPHER_free(s->session->ciphers);
+        sk_SSL_CIPHER_free(s->session->ciphers);
         s->session->ciphers = ciphers;
         if (ciphers == NULL) {
             al = SSL_AD_INTERNAL_ERROR;
@@ -1452,8 +1446,7 @@ int ssl3_get_client_hello(SSL *s)
         ssl3_send_alert(s, SSL3_AL_FATAL, al);
     }
  err:
-    if (ciphers != NULL)
-        sk_SSL_CIPHER_free(ciphers);
+    sk_SSL_CIPHER_free(ciphers);
     return ret < 0 ? -1 : ret;
 }
 
@@ -3127,11 +3120,9 @@ int ssl3_get_cert_verify(SSL *s)
         ssl3_send_alert(s, SSL3_AL_FATAL, al);
     }
  end:
-    if (s->s3->handshake_buffer) {
-        BIO_free(s->s3->handshake_buffer);
-        s->s3->handshake_buffer = NULL;
-        s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
-    }
+    BIO_free(s->s3->handshake_buffer);
+    s->s3->handshake_buffer = NULL;
+    s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
     EVP_MD_CTX_cleanup(&mctx);
     EVP_PKEY_free(pkey);
     return (ret);
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 5244ecb..cce7f15 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -405,11 +405,9 @@ void ssl_cert_clear_certs(CERT *c)
         sk_X509_pop_free(cpk->chain, X509_free);
         cpk->chain = NULL;
 #ifndef OPENSSL_NO_TLSEXT
-        if (cpk->serverinfo) {
-            OPENSSL_free(cpk->serverinfo);
-            cpk->serverinfo = NULL;
-            cpk->serverinfo_length = 0;
-        }
+        OPENSSL_free(cpk->serverinfo);
+        cpk->serverinfo = NULL;
+        cpk->serverinfo_length = 0;
 #endif
         /* Clear all flags apart from explicit sign */
         cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
@@ -447,20 +445,14 @@ void ssl_cert_free(CERT *c)
 #endif
 
     ssl_cert_clear_certs(c);
-    if (c->peer_sigalgs)
-        OPENSSL_free(c->peer_sigalgs);
-    if (c->conf_sigalgs)
-        OPENSSL_free(c->conf_sigalgs);
-    if (c->client_sigalgs)
-        OPENSSL_free(c->client_sigalgs);
-    if (c->shared_sigalgs)
-        OPENSSL_free(c->shared_sigalgs);
-    if (c->ctypes)
-        OPENSSL_free(c->ctypes);
+    OPENSSL_free(c->peer_sigalgs);
+    OPENSSL_free(c->conf_sigalgs);
+    OPENSSL_free(c->client_sigalgs);
+    OPENSSL_free(c->shared_sigalgs);
+    OPENSSL_free(c->ctypes);
     X509_STORE_free(c->verify_store);
     X509_STORE_free(c->chain_store);
-    if (c->ciphers_raw)
-        OPENSSL_free(c->ciphers_raw);
+    OPENSSL_free(c->ciphers_raw);
 #ifndef OPENSSL_NO_TLSEXT
     custom_exts_free(&c->cli_ext);
     custom_exts_free(&c->srv_ext);
@@ -624,12 +616,11 @@ void ssl_sess_cert_free(SESS_CERT *sc)
         X509_free(sc->peer_pkeys[i].x509);
 #if 0
         /*
-         * We don't have the peer's private key. These lines are just
+         * We don't have the peer's private key. This line is just
          * here as a reminder that we're still using a not-quite-appropriate
          *  data structure.
          */
-        if (sc->peer_pkeys[i].privatekey != NULL)
-            EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
+        EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
 #endif
     }
 
@@ -917,8 +908,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
         ret = 0;
  done:
     BIO_free(in);
-    if (x != NULL)
-        X509_free(x);
+    X509_free(x);
     (void)sk_X509_NAME_set_cmp_func(stack, oldcmp);
     return ret;
 }
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 41af4f6..6c6ac8d 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1600,8 +1600,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK
         sk_SSL_CIPHER_free(cipherstack);
         return NULL;
     }
-    if (*cipher_list != NULL)
-        sk_SSL_CIPHER_free(*cipher_list);
+    sk_SSL_CIPHER_free(*cipher_list);
     *cipher_list = cipherstack;
     if (*cipher_list_by_id != NULL)
         sk_SSL_CIPHER_free(*cipher_list_by_id);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 63e9712..4dfd7ab 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -216,15 +216,11 @@ int SSL_clear(SSL *s)
     s->client_version = s->version;
     s->rwstate = SSL_NOTHING;
 
-    if (s->init_buf != NULL) {
-        BUF_MEM_free(s->init_buf);
-        s->init_buf = NULL;
-    }
-
+    BUF_MEM_free(s->init_buf);
+    s->init_buf = NULL;
     ssl_clear_cipher_ctx(s);
     ssl_clear_hash_ctx(&s->read_hash);
     ssl_clear_hash_ctx(&s->write_hash);
-
     s->first_packet = 0;
 
     /*
@@ -547,14 +543,11 @@ void SSL_free(SSL *s)
     if (s->wbio != s->rbio)
         BIO_free_all(s->wbio);
 
-    if (s->init_buf != NULL)
-        BUF_MEM_free(s->init_buf);
+    BUF_MEM_free(s->init_buf);
 
     /* add extra stuff */
-    if (s->cipher_list != NULL)
-        sk_SSL_CIPHER_free(s->cipher_list);
-    if (s->cipher_list_by_id != NULL)
-        sk_SSL_CIPHER_free(s->cipher_list_by_id);
+    sk_SSL_CIPHER_free(s->cipher_list);
+    sk_SSL_CIPHER_free(s->cipher_list_by_id);
 
     /* Make the next call work :-) */
     if (s->session != NULL) {
@@ -577,8 +570,7 @@ void SSL_free(SSL *s)
     OPENSSL_free(s->tlsext_ellipticcurvelist);
 # endif                         /* OPENSSL_NO_EC */
     sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
-    if (s->tlsext_ocsp_ids)
-        sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
+    sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
     OPENSSL_free(s->tlsext_ocsp_resp);
     OPENSSL_free(s->alpn_client_proto_list);
 #endif
@@ -602,8 +594,7 @@ void SSL_free(SSL *s)
 #endif
 
 #ifndef OPENSSL_NO_SRTP
-    if (s->srtp_profiles)
-        sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
+    sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
 #endif
 
     OPENSSL_free(s);
@@ -1499,8 +1490,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
         sk_SSL_CIPHER_zero(sk);
     }
 
-    if (s->cert->ciphers_raw)
-        OPENSSL_free(s->cert->ciphers_raw);
+    OPENSSL_free(s->cert->ciphers_raw);
     s->cert->ciphers_raw = BUF_memdup(p, num);
     if (s->cert->ciphers_raw == NULL) {
         SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
@@ -1721,9 +1711,7 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
 int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
                             unsigned protos_len)
 {
-    if (ctx->alpn_client_proto_list)
-        OPENSSL_free(ctx->alpn_client_proto_list);
-
+    OPENSSL_free(ctx->alpn_client_proto_list);
     ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
     if (!ctx->alpn_client_proto_list)
         return 1;
@@ -1741,9 +1729,7 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
 int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
                         unsigned protos_len)
 {
-    if (ssl->alpn_client_proto_list)
-        OPENSSL_free(ssl->alpn_client_proto_list);
-
+    OPENSSL_free(ssl->alpn_client_proto_list);
     ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
     if (!ssl->alpn_client_proto_list)
         return 1;
@@ -2037,28 +2023,19 @@ void SSL_CTX_free(SSL_CTX *a)
         SSL_CTX_flush_sessions(a, 0);
 
     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
-
-    if (a->sessions != NULL)
-        lh_SSL_SESSION_free(a->sessions);
-
+    lh_SSL_SESSION_free(a->sessions);
     X509_STORE_free(a->cert_store);
-    if (a->cipher_list != NULL)
-        sk_SSL_CIPHER_free(a->cipher_list);
-    if (a->cipher_list_by_id != NULL)
-        sk_SSL_CIPHER_free(a->cipher_list_by_id);
+    sk_SSL_CIPHER_free(a->cipher_list);
+    sk_SSL_CIPHER_free(a->cipher_list_by_id);
     ssl_cert_free(a->cert);
     sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
     sk_X509_pop_free(a->extra_certs, X509_free);
     a->comp_methods = NULL;
-
 #ifndef OPENSSL_NO_SRTP
-    if (a->srtp_profiles)
-        sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
+    sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
 #endif
-
 #ifndef OPENSSL_NO_PSK
-    if (a->psk_identity_hint)
-        OPENSSL_free(a->psk_identity_hint);
+    OPENSSL_free(a->psk_identity_hint);
 #endif
 #ifndef OPENSSL_NO_SRP
     SSL_CTX_SRP_CTX_free(a);
@@ -2070,13 +2047,10 @@ void SSL_CTX_free(SSL_CTX *a)
 
 #ifndef OPENSSL_NO_TLSEXT
 # ifndef OPENSSL_NO_EC
-    if (a->tlsext_ecpointformatlist)
-        OPENSSL_free(a->tlsext_ecpointformatlist);
-    if (a->tlsext_ellipticcurvelist)
-        OPENSSL_free(a->tlsext_ellipticcurvelist);
-# endif                         /* OPENSSL_NO_EC */
-    if (a->alpn_client_proto_list != NULL)
-        OPENSSL_free(a->alpn_client_proto_list);
+    OPENSSL_free(a->tlsext_ecpointformatlist);
+    OPENSSL_free(a->tlsext_ellipticcurvelist);
+# endif
+    OPENSSL_free(a->alpn_client_proto_list);
 #endif
 
     OPENSSL_free(a);
@@ -3259,8 +3233,7 @@ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
                SSL_R_DATA_LENGTH_TOO_LONG);
         return 0;
     }
-    if (ctx->psk_identity_hint != NULL)
-        OPENSSL_free(ctx->psk_identity_hint);
+    OPENSSL_free(ctx->psk_identity_hint);
     if (identity_hint != NULL) {
         ctx->psk_identity_hint = BUF_strdup(identity_hint);
         if (ctx->psk_identity_hint == NULL)
@@ -3282,8 +3255,7 @@ int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
         SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
         return 0;
     }
-    if (s->session->psk_identity_hint != NULL)
-        OPENSSL_free(s->session->psk_identity_hint);
+    OPENSSL_free(s->session->psk_identity_hint);
     if (identity_hint != NULL) {
         s->session->psk_identity_hint = BUF_strdup(identity_hint);
         if (s->session->psk_identity_hint == NULL)
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index e4798e9..305b185 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -212,12 +212,10 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
         }
     }
 
-    if (c->pkeys[i].privatekey != NULL)
-        EVP_PKEY_free(c->pkeys[i].privatekey);
+    EVP_PKEY_free(c->pkeys[i].privatekey);
     CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
     c->pkeys[i].privatekey = pkey;
     c->key = &(c->pkeys[i]);
-
     c->valid = 0;
     return (1);
 }
@@ -715,8 +713,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
     }
 
  end:
-    if (x != NULL)
-        X509_free(x);
+    X509_free(x);
     BIO_free(in);
     return (ret);
 }
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index a376875..1a00c38 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -733,31 +733,23 @@ void SSL_SESSION_free(SSL_SESSION *ss)
     OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
     ssl_sess_cert_free(ss->sess_cert);
     X509_free(ss->peer);
-    if (ss->ciphers != NULL)
-        sk_SSL_CIPHER_free(ss->ciphers);
+    sk_SSL_CIPHER_free(ss->ciphers);
 #ifndef OPENSSL_NO_TLSEXT
-    if (ss->tlsext_hostname != NULL)
-        OPENSSL_free(ss->tlsext_hostname);
-    if (ss->tlsext_tick != NULL)
-        OPENSSL_free(ss->tlsext_tick);
+    OPENSSL_free(ss->tlsext_hostname);
+    OPENSSL_free(ss->tlsext_tick);
 # ifndef OPENSSL_NO_EC
     ss->tlsext_ecpointformatlist_length = 0;
-    if (ss->tlsext_ecpointformatlist != NULL)
-        OPENSSL_free(ss->tlsext_ecpointformatlist);
+    OPENSSL_free(ss->tlsext_ecpointformatlist);
     ss->tlsext_ellipticcurvelist_length = 0;
-    if (ss->tlsext_ellipticcurvelist != NULL)
-        OPENSSL_free(ss->tlsext_ellipticcurvelist);
+    OPENSSL_free(ss->tlsext_ellipticcurvelist);
 # endif                         /* OPENSSL_NO_EC */
 #endif
 #ifndef OPENSSL_NO_PSK
-    if (ss->psk_identity_hint != NULL)
-        OPENSSL_free(ss->psk_identity_hint);
-    if (ss->psk_identity != NULL)
-        OPENSSL_free(ss->psk_identity);
+    OPENSSL_free(ss->psk_identity_hint);
+    OPENSSL_free(ss->psk_identity);
 #endif
 #ifndef OPENSSL_NO_SRP
-    if (ss->srp_username != NULL)
-        OPENSSL_free(ss->srp_username);
+    OPENSSL_free(ss->srp_username);
 #endif
     OPENSSL_clear_free(ss, sizeof(*ss));
 }
diff --git a/test/ecdsatest.c b/test/ecdsatest.c
index 52326c5..6aeff25 100644
--- a/test/ecdsatest.c
+++ b/test/ecdsatest.c
@@ -241,8 +241,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
     if (!ret)
         BIO_printf(out, " failed\n");
     EC_KEY_free(key);
-    if (signature)
-        ECDSA_SIG_free(signature);
+    ECDSA_SIG_free(signature);
     BN_free(r);
     BN_free(s);
     EVP_MD_CTX_cleanup(&md_ctx);
@@ -502,8 +501,7 @@ int test_builtin(BIO *out)
  builtin_err:
     EC_KEY_free(eckey);
     EC_KEY_free(wrong_eckey);
-    if (ecdsa_sig)
-        ECDSA_SIG_free(ecdsa_sig);
+    ECDSA_SIG_free(ecdsa_sig);
     OPENSSL_free(signature);
     OPENSSL_free(raw_buf);
     OPENSSL_free(curves);
diff --git a/test/evp_test.c b/test/evp_test.c
index 7187624..4b5b9aa 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -251,12 +251,10 @@ static void free_expected(struct evp_test *t)
 {
     OPENSSL_free(t->expected_err);
     t->expected_err = NULL;
-    if (t->out_expected) {
-        OPENSSL_free(t->out_expected);
-        OPENSSL_free(t->out_got);
-        t->out_expected = NULL;
-        t->out_got = NULL;
-    }
+    OPENSSL_free(t->out_expected);
+    OPENSSL_free(t->out_got);
+    t->out_expected = NULL;
+    t->out_got = NULL;
 }
 
 static void print_expected(struct evp_test *t)


More information about the openssl-commits mailing list