espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-07-30 18:57:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(esp_wifi): Fixed static analyzer issues

Browse Source
This commit is contained in:
Kapil Gupta
2025-05-20 21:29:45 +05:30
parent 45fed1d225
commit 3b596bb602
12 changed files with 42 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-bignum.c
View File

@ -1,5 +1,5 @@
/* /*
* SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
* *
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
*/ */
@ -51,15 +51,20 @@ cleanup:
struct crypto_bignum * crypto_bignum_init_uint(unsigned int val) struct crypto_bignum * crypto_bignum_init_uint(unsigned int val)
{ {
int ret;
mbedtls_mpi *bn = os_zalloc(sizeof(mbedtls_mpi)); mbedtls_mpi *bn = os_zalloc(sizeof(mbedtls_mpi));
if (bn == NULL) { if (!bn) {
return NULL; return NULL;
} }
mbedtls_mpi_init(bn); mbedtls_mpi_init(bn);
mbedtls_mpi_lset(bn, val); ret = mbedtls_mpi_lset(bn, val);
if (ret) {
crypto_bignum_deinit((struct crypto_bignum *)bn, 0);
bn = NULL;
}
return (struct crypto_bignum *)bn; return (struct crypto_bignum *)bn;
} }

8
components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-ec.c
View File

@ -1177,6 +1177,7 @@ struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int y)
{ {
struct wpabuf *public_key = NULL; struct wpabuf *public_key = NULL;
uint8_t *buf = NULL; uint8_t *buf = NULL;
int ret;
mbedtls_ecdh_context *ctx = (mbedtls_ecdh_context *)ecdh; mbedtls_ecdh_context *ctx = (mbedtls_ecdh_context *)ecdh;
size_t prime_len = ACCESS_ECDH(ctx, grp).pbits / 8; size_t prime_len = ACCESS_ECDH(ctx, grp).pbits / 8;
@ -1187,8 +1188,13 @@ struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int y)
} }
/* Export an MPI into unsigned big endian binary data of fixed size */ /* Export an MPI into unsigned big endian binary data of fixed size */
mbedtls_mpi_write_binary(ACCESS_ECDH(&ctx, Q).MBEDTLS_PRIVATE(X), buf, prime_len); ret = mbedtls_mpi_write_binary(ACCESS_ECDH(&ctx, Q).MBEDTLS_PRIVATE(X), buf, prime_len);
if (ret) {
goto cleanup;
}
public_key = wpabuf_alloc_copy(buf, 32); public_key = wpabuf_alloc_copy(buf, 32);
cleanup:
os_free(buf); os_free(buf);
return public_key; return public_key;
} }

2
components/wpa_supplicant/esp_supplicant/src/crypto/fastpbkdf2.c
View File

@ -109,7 +109,7 @@ static inline void md_pad(uint8_t *block, size_t blocksz, size_t used, size_t ms
const uint8_t *key, size_t nkey) \ const uint8_t *key, size_t nkey) \
{ \ { \
/* Prepare key: */ \ /* Prepare key: */ \
uint8_t k[_blocksz]; \ uint8_t k[_blocksz] = {0}; \
\ \
/* Shorten long keys. */ \ /* Shorten long keys. */ \
if (nkey > _blocksz) \ if (nkey > _blocksz) \

8
components/wpa_supplicant/esp_supplicant/src/esp_wps.c
View File

@ -641,11 +641,11 @@ int wps_process_wps_mX_req(u8 *ubuf, int len, enum wps_process_res *res)
tlen = frag_len; tlen = frag_len;
} }
if (tlen > 50000) {
wpa_printf(MSG_ERROR, "EAP-WSC: Invalid Message Length");
return ESP_FAIL;
}
if ((flag & WPS_MSG_FLAG_MORE) || wps_buf != NULL) {//frag msg if ((flag & WPS_MSG_FLAG_MORE) || wps_buf != NULL) {//frag msg
if (tlen > 50000) {
wpa_printf(MSG_ERROR, "EAP-WSC: Invalid Message Length");
return ESP_FAIL;
}
wpa_printf(MSG_DEBUG, "rx frag msg id:%d, flag:%d, frag_len: %d, tot_len: %d, be_tot_len:%d", sm->current_identifier, flag, frag_len, tlen, be_tot_len); wpa_printf(MSG_DEBUG, "rx frag msg id:%d, flag:%d, frag_len: %d, tot_len: %d, be_tot_len:%d", sm->current_identifier, flag, frag_len, tlen, be_tot_len);
if (ESP_OK != wps_enrollee_process_msg_frag(&wps_buf, tlen, tbuf, frag_len, flag)) { if (ESP_OK != wps_enrollee_process_msg_frag(&wps_buf, tlen, tbuf, frag_len, flag)) {
if (wps_buf) { if (wps_buf) {

1
components/wpa_supplicant/src/ap/wpa_auth.c
View File

@ -1629,6 +1629,7 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING, wpa_ptk); SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING, wpa_ptk);
sm->EAPOLKeyReceived = FALSE; sm->EAPOLKeyReceived = FALSE;
sm->update_snonce = FALSE; sm->update_snonce = FALSE;
os_memset(&PTK, 0, sizeof(PTK));
pmk_len = PMK_LEN; pmk_len = PMK_LEN;
/* WPA with IEEE 802.1X: use the derived PMK from EAP /* WPA with IEEE 802.1X: use the derived PMK from EAP

2
components/wpa_supplicant/src/crypto/sha256-prf.c
View File

@ -97,7 +97,7 @@ int sha256_prf_bits(const u8 *key, size_t key_len, const char *label,
* Mask out unused bits in the last octet if it does not use all the * Mask out unused bits in the last octet if it does not use all the
* bits. * bits.
*/ */
if (buf_len_bits % 8) { if (pos > 0 && (buf_len_bits % 8)) {
u8 mask = 0xff << (8 - buf_len_bits % 8); u8 mask = 0xff << (8 - buf_len_bits % 8);
buf[pos - 1] &= mask; buf[pos - 1] &= mask;
} }

2
components/wpa_supplicant/src/crypto/sha384-prf.c
View File

@ -97,7 +97,7 @@ int sha384_prf_bits(const u8 *key, size_t key_len, const char *label,
* Mask out unused bits in the last octet if it does not use all the * Mask out unused bits in the last octet if it does not use all the
* bits. * bits.
*/ */
if (buf_len_bits % 8) { if (pos > 0 && (buf_len_bits % 8)) {
u8 mask = 0xff << (8 - buf_len_bits % 8); u8 mask = 0xff << (8 - buf_len_bits % 8);
buf[pos - 1] &= mask; buf[pos - 1] &= mask;
} }

9
components/wpa_supplicant/src/eap_peer/eap_fast_pac.c
View File

@ -426,11 +426,9 @@ int eap_fast_load_pac(struct eap_sm *sm, struct eap_fast_pac **pac_root,
if (eap_fast_read_line(&rc, &pos) < 0) { if (eap_fast_read_line(&rc, &pos) < 0) {
/* empty file - assume it is fine to overwrite */ /* empty file - assume it is fine to overwrite */
printf("\n\nassuming it is fine to overwrite... \n\n");
eap_fast_deinit_pac_data(&rc); eap_fast_deinit_pac_data(&rc);
return 0; return 0;
} }
printf("\n\nPAC FILE =\n%s", rc.pos);
if (os_strcmp(pac_file_hdr, rc.buf) != 0) if (os_strcmp(pac_file_hdr, rc.buf) != 0)
err = "Unrecognized header line"; err = "Unrecognized header line";
@ -546,11 +544,13 @@ static int eap_fast_write_pac(struct eap_sm *sm, const char *pac_file,
blob->data = (u8 *) buf; blob->data = (u8 *) buf;
blob->len = len; blob->len = len;
buf = NULL; buf = NULL;
#ifndef ESP_SUPPLICANT
blob->name = os_strdup(pac_file + 7); blob->name = os_strdup(pac_file + 7);
if (blob->name == NULL) { if (blob->name == NULL) {
os_free(blob); os_free(blob);
return -1; return -1;
} }
#endif
eap_set_config_blob(sm, blob); eap_set_config_blob(sm, blob);
os_free(blob); os_free(blob);
} else { } else {
@ -657,7 +657,6 @@ int eap_fast_save_pac(struct eap_sm *sm, struct eap_fast_pac *pac_root,
return -1; return -1;
} }
wpa_printf(MSG_DEBUG, "PAC file: %s", (sm->blob[3].data));
wpa_printf(MSG_DEBUG, "EAP-FAST: Wrote %d PAC entries into '%s'", wpa_printf(MSG_DEBUG, "EAP-FAST: Wrote %d PAC entries into '%s'",
count, pac_file); count, pac_file);
@ -755,8 +754,7 @@ int eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root,
{ {
const struct wpa_config_blob *blob = NULL; const struct wpa_config_blob *blob = NULL;
u8 *buf, *end, *pos; u8 *buf, *end, *pos;
size_t len = 0; size_t len, count = 0;
size_t count = 0;
struct eap_fast_pac *pac, *prev; struct eap_fast_pac *pac, *prev;
*pac_root = NULL; *pac_root = NULL;
@ -776,6 +774,7 @@ int eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root,
len = blob->len; len = blob->len;
} else { } else {
buf = (u8 *) sm->blob[3].data; //(u8 *) os_readfile(pac_file, &len); buf = (u8 *) sm->blob[3].data; //(u8 *) os_readfile(pac_file, &len);
len = sm->blob[3].len;
if (buf == NULL) { if (buf == NULL) {
wpa_printf(MSG_INFO, "EAP-FAST: No PAC file '%s' - " wpa_printf(MSG_INFO, "EAP-FAST: No PAC file '%s' - "
"assume no PAC entries have been " "assume no PAC entries have been "

8
components/wpa_supplicant/src/eap_peer/eap_ttls.c
View File

@ -117,7 +117,7 @@ static void * eap_ttls_init(struct eap_sm *sm)
static void eap_ttls_phase2_eap_deinit(struct eap_sm *sm, static void eap_ttls_phase2_eap_deinit(struct eap_sm *sm,
struct eap_ttls_data *data) struct eap_ttls_data *data)
{ {
if (data->phase2_priv && data->phase2_method) { if (data->phase2_priv && data->phase2_method) {
data->phase2_method->deinit(sm, data->phase2_priv); data->phase2_method->deinit(sm, data->phase2_priv);
@ -130,7 +130,7 @@ static void eap_ttls_phase2_eap_deinit(struct eap_sm *sm,
static void eap_ttls_free_key(struct eap_ttls_data *data) static void eap_ttls_free_key(struct eap_ttls_data *data)
{ {
if (data->key_data) { if (data->key_data) {
bin_clear_free(data->key_data, EAP_TLS_KEY_LEN); bin_clear_free(data->key_data, EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
data->key_data = NULL; data->key_data = NULL;
} }
} }
@ -153,7 +153,7 @@ static void eap_ttls_deinit(struct eap_sm *sm, void *priv)
static u8 * eap_ttls_avp_hdr(u8 *avphdr, u32 avp_code, u32 vendor_id, static u8 * eap_ttls_avp_hdr(u8 *avphdr, u32 avp_code, u32 vendor_id,
int mandatory, size_t len) int mandatory, size_t len)
{ {
struct ttls_avp_vendor *avp; struct ttls_avp_vendor *avp;
u8 flags; u8 flags;
@ -170,7 +170,7 @@ static u8 * eap_ttls_avp_hdr(u8 *avphdr, u32 avp_code, u32 vendor_id,
} }
avp->avp_code = host_to_be32(avp_code); avp->avp_code = host_to_be32(avp_code);
avp->avp_length = host_to_be32(((u32) (flags << 24)) | avp->avp_length = host_to_be32(((u32) flags << 24) |
(u32) (hdrlen + len)); (u32) (hdrlen + len));
return avphdr + hdrlen; return avphdr + hdrlen;

10
components/wpa_supplicant/src/rsn_supp/wpa_ie.c
View File

@ -297,7 +297,7 @@ int wpa_gen_wpa_ie(struct wpa_sm *sm, u8 *wpa_ie, size_t wpa_ie_len)
int wpa_gen_rsnxe(struct wpa_sm *sm, u8 *rsnxe, size_t rsnxe_len) int wpa_gen_rsnxe(struct wpa_sm *sm, u8 *rsnxe, size_t rsnxe_len)
{ {
u8 *pos = rsnxe; u8 *pos = rsnxe;
u16 capab = 0; u16 capab = 0, tmp;
size_t flen; size_t flen;
if (wpa_key_mgmt_sae(sm->key_mgmt) && if (wpa_key_mgmt_sae(sm->key_mgmt) &&
@ -311,9 +311,15 @@ int wpa_gen_rsnxe(struct wpa_sm *sm, u8 *rsnxe, size_t rsnxe_len)
#endif /* CONFIG_SAE_PK */ #endif /* CONFIG_SAE_PK */
} }
flen = (capab & 0xff00) ? 2 : 1;
if (!capab) if (!capab)
return 0; /* no supported extended RSN capabilities */ return 0; /* no supported extended RSN capabilities */
tmp = capab;
flen = 0;
while (tmp) {
flen++;
tmp >>= 8;
}
if (rsnxe_len < 2 + flen) if (rsnxe_len < 2 + flen)
return -1; return -1;
capab |= flen - 1; /* bit 0-3 = Field length (n - 1) */ capab |= flen - 1; /* bit 0-3 = Field length (n - 1) */

3
components/wpa_supplicant/src/utils/json.c
View File

@ -269,7 +269,8 @@ struct json_token * json_parse(const char *data, size_t data_len)
case ']': /* end array */ case ']': /* end array */
case '}': /* end object */ case '}': /* end object */
if (!curr_token || !curr_token->parent || if (!curr_token || !curr_token->parent ||
curr_token->parent->state != JSON_STARTED) { curr_token->parent->state != JSON_STARTED ||
depth == 0) {
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"JSON: Invalid state for end array/object"); "JSON: Invalid state for end array/object");
goto fail; goto fail;

2
components/wpa_supplicant/src/wps/wps.h
View File

@ -121,7 +121,7 @@ struct wps_config {
/** /**
* pin - Enrollee Device Password (%NULL for Registrar or PBC) * pin - Enrollee Device Password (%NULL for Registrar or PBC)
*/ */
const u8 pin[9]; u8 pin[9];
/** /**
* pin_len - Length on pin in octets * pin_len - Length on pin in octets