Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Various Coverity fixes #7890

Merged
merged 1 commit into from
Aug 27, 2024
Merged

Various Coverity fixes #7890

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion src/ssl_load.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1560,7 +1560,9 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
}
#endif
#ifndef WC_STRICT_SIG
wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID);
if ((ctx != NULL) || (ssl != NULL)) {
wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID);
}
#else
/* Set whether ECC is available based on signature available. */
if (ssl != NULL) {
Expand Down
8 changes: 5 additions & 3 deletions src/ssl_sess.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1711,12 +1711,12 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
WOLFSSL_MSG("Client cache serverRow or serverIdx invalid");
error = -1;
}
/* Prevent memory access before clientSession->serverRow and
* clientSession->serverIdx are sanitized. */
XFENCE();
if (error == 0) {
/* Lock row */
sessRow = &SessionCache[clientSession->serverRow];
/* Prevent memory access before clientSession->serverRow and
* clientSession->serverIdx are sanitized. */
XFENCE();
error = SESSION_ROW_RD_LOCK(sessRow);
if (error != 0) {
WOLFSSL_MSG("Session cache row lock failure");
Expand All @@ -1729,6 +1729,8 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
#else
cacheSession = &sessRow->Sessions[clientSession->serverIdx];
#endif
/* Prevent memory access */
XFENCE();
if (cacheSession && cacheSession->sessionIDSz == 0) {
cacheSession = NULL;
WOLFSSL_MSG("Session cache entry not set");
Expand Down
2 changes: 1 addition & 1 deletion src/tls13.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12347,7 +12347,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
{
int ret = 0, tmp;
word32 inIdx = *inOutIdx;
int alertType = invalid_alert;
int alertType;
#if defined(HAVE_ECH)
TLSX* echX = NULL;
word32 echInOutIdx;
Expand Down
11 changes: 9 additions & 2 deletions wolfcrypt/src/asn.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1498,6 +1498,8 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,
int minDepth;
/* Integer had a zero prepended. */
int zeroPadded;
word32 tmpW32Val;
signed char tmpScharVal;

#ifdef WOLFSSL_DEBUG_ASN_TEMPLATE
WOLFSSL_ENTER("GetASN_Items");
Expand Down Expand Up @@ -1536,14 +1538,18 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,
/* Check if first of numbered choice. */
if (choice == 0 && asn[i].optional > 1) {
choice = asn[i].optional;
if (choiceMet[choice - 2] == -1) {
tmpScharVal = choiceMet[choice - 2];
XFENCE(); /* Prevent memory access */
if (tmpScharVal == -1) {
/* Choice seen but not found a match yet. */
choiceMet[choice - 2] = 0;
}
}

/* Check for end of data or not a choice and tag not matching. */
if (idx == endIdx[depth] || (data[i].dataType != ASN_DATA_TYPE_CHOICE &&
tmpW32Val = endIdx[depth];
XFENCE(); /* Prevent memory access */
if (idx == tmpW32Val || (data[i].dataType != ASN_DATA_TYPE_CHOICE &&
(input[idx] & ~ASN_CONSTRUCTED) != asn[i].tag)) {
if (asn[i].optional) {
/* Skip over ASN.1 items underneath this optional item. */
Expand Down Expand Up @@ -1611,6 +1617,7 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,

/* Store found tag in data. */
data[i].tag = input[idx];
XFENCE(); /* Prevent memory access */
if (data[i].dataType != ASN_DATA_TYPE_CHOICE) {
int constructed = (input[idx] & ASN_CONSTRUCTED) == ASN_CONSTRUCTED;
/* Check constructed match expected for non-choice ASN.1 item. */
Expand Down
2 changes: 1 addition & 1 deletion wolfcrypt/src/rsa.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5243,7 +5243,7 @@ int wc_RsaPrivateKeyDecodeRaw(const byte* n, word32 nSz,
if (err == MP_OKAY) {
key->type = RSA_PRIVATE;
}
else {
else if (key != NULL) {
mp_clear(&key->n);
mp_clear(&key->e);
mp_clear(&key->d);
Expand Down
2 changes: 1 addition & 1 deletion wolfcrypt/src/wc_port.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1183,7 +1183,7 @@ char* wc_strdup_ex(const char *src, int memType) {
word32 len = 0;

if (src) {
len = (word32)XSTRLEN(src);
len = (word32)XSTRLEN(src) + 1; /* Add one for null terminator */
ret = (char*)XMALLOC(len, NULL, memType);
if (ret != NULL) {
XMEMCPY(ret, src, len);
Expand Down