espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-10-02 18:10:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'fix/http_client_coverity_warnings' into 'master'

Browse Source 
fix(esp_http_client): address coverity generated warnings

Closes IDF-13867, IDF-13881, and IDF-13886

See merge request espressif/esp-idf!41411
This commit is contained in:
Aditya Patwardhan
2025-08-25 17:02:07 +05:30
parent 4dd2694760 ed201f4f77
commit 646377c622
4 changed files with 61 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
components/esp_http_client/esp_http_client.c
View File

@@ -1942,36 +1942,40 @@ esp_err_t esp_http_client_add_auth(esp_http_client_handle_t client)
} }
char *auth_header = client->auth_header; char *auth_header = client->auth_header;
if (auth_header) { if (!auth_header) {
client->connection_info.auth_type = HTTP_AUTH_TYPE_NONE;
ESP_LOGW(TAG, "This request requires authentication, but does not provide header information for that");
return ESP_ERR_NOT_SUPPORTED;
}
http_utils_trim_whitespace(&auth_header); http_utils_trim_whitespace(&auth_header);
ESP_LOGD(TAG, "UNAUTHORIZED: %s", auth_header); ESP_LOGD(TAG, "UNAUTHORIZED: %s", auth_header);
client->redirect_counter++; client->redirect_counter++;
#ifdef CONFIG_ESP_HTTP_CLIENT_ENABLE_DIGEST_AUTH
// Check for supported authentication types
#if CONFIG_ESP_HTTP_CLIENT_ENABLE_DIGEST_AUTH
if (http_utils_str_starts_with(auth_header, "Digest") == 0) { if (http_utils_str_starts_with(auth_header, "Digest") == 0) {
ESP_LOGD(TAG, "type = Digest"); ESP_LOGD(TAG, "type = Digest");
client->connection_info.auth_type = HTTP_AUTH_TYPE_DIGEST; client->connection_info.auth_type = HTTP_AUTH_TYPE_DIGEST;
} else { } else
#endif #endif
#ifdef CONFIG_ESP_HTTP_CLIENT_ENABLE_BASIC_AUTH #if CONFIG_ESP_HTTP_CLIENT_ENABLE_BASIC_AUTH
if (http_utils_str_starts_with(auth_header, "Basic") == 0) { if (http_utils_str_starts_with(auth_header, "Basic") == 0) {
ESP_LOGD(TAG, "type = Basic"); ESP_LOGD(TAG, "type = Basic");
client->connection_info.auth_type = HTTP_AUTH_TYPE_BASIC; client->connection_info.auth_type = HTTP_AUTH_TYPE_BASIC;
} else { } else
#endif #endif
{
client->connection_info.auth_type = HTTP_AUTH_TYPE_NONE; client->connection_info.auth_type = HTTP_AUTH_TYPE_NONE;
ESP_LOGE(TAG, "This authentication method is not supported: %s", auth_header); ESP_LOGE(TAG, "This authentication method is not supported: %s", auth_header);
return ESP_ERR_NOT_SUPPORTED; return ESP_ERR_NOT_SUPPORTED;
#ifdef CONFIG_ESP_HTTP_CLIENT_ENABLE_BASIC_AUTH
} }
#endif
#ifdef CONFIG_ESP_HTTP_CLIENT_ENABLE_DIGEST_AUTH #if CONFIG_ESP_HTTP_CLIENT_ENABLE_DIGEST_AUTH || CONFIG_ESP_HTTP_CLIENT_ENABLE_BASIC_AUTH
}
#endif
_clear_auth_data(client); _clear_auth_data(client);
client->auth_data->method = strdup(HTTP_METHOD_MAPPING[client->connection_info.method]); client->auth_data->method = strdup(HTTP_METHOD_MAPPING[client->connection_info.method]);
client->auth_data->nc = 1; client->auth_data->nc = 1;
HTTP_RET_ON_ERR_DBG(http_utils_get_string_between(auth_header, "realm=\"", "\"", &client->auth_data->realm), TAG, "Unable to extract substring between specified strings"); HTTP_RET_ON_ERR_DBG(http_utils_get_string_between(auth_header, "realm=\"", "\"", &client->auth_data->realm), TAG, "Unable to extract substring between specified strings");
HTTP_RET_ON_ERR_DBG(http_utils_get_string_between(auth_header, "algorithm=", ",", &client->auth_data->algorithm), TAG, "Unable to extract substring between specified strings"); HTTP_RET_ON_ERR_DBG(http_utils_get_string_between(auth_header, "algorithm=", ",", &client->auth_data->algorithm), TAG, "Unable to extract substring between specified strings");
@@ -1990,11 +1994,7 @@ esp_err_t esp_http_client_add_auth(esp_http_client_handle_t client)
client->process_again = 1; client->process_again = 1;
return ESP_OK; return ESP_OK;
} else { #endif // CONFIG_ESP_HTTP_CLIENT_ENABLE_DIGEST_AUTH || CONFIG_ESP_HTTP_CLIENT_ENABLE_BASIC_AUTH
client->connection_info.auth_type = HTTP_AUTH_TYPE_NONE;
ESP_LOGW(TAG, "This request requires authentication, but does not provide header information for that");
return ESP_ERR_NOT_SUPPORTED;
}
} }
int esp_http_client_read_response(esp_http_client_handle_t client, char *buffer, int len) int esp_http_client_read_response(esp_http_client_handle_t client, char *buffer, int len)

4
components/esp_http_client/lib/http_auth.c
View File

@@ -41,7 +41,7 @@ static int md5_printf(char *md, const char *fmt, ...)
unsigned char digest[MD5_MAX_LEN]; unsigned char digest[MD5_MAX_LEN];
int len, i; int len, i;
md5_context_t md5_ctx; md5_context_t md5_ctx;
va_list ap; va_list ap = {0};
va_start(ap, fmt); va_start(ap, fmt);
len = vasprintf((char **)&buf, fmt, ap); len = vasprintf((char **)&buf, fmt, ap);
if (buf == NULL) { if (buf == NULL) {
@@ -76,7 +76,7 @@ static int sha256_sprintf(char *sha, const char *fmt, ...)
unsigned char *buf; unsigned char *buf;
unsigned char digest[SHA256_LEN]; unsigned char digest[SHA256_LEN];
int len, i; int len, i;
va_list ap; va_list ap = {0};
va_start(ap, fmt); va_start(ap, fmt);
len = vasprintf((char **)&buf, fmt, ap); len = vasprintf((char **)&buf, fmt, ap);
if (buf == NULL) { if (buf == NULL) {

8
components/esp_http_client/lib/http_header.c
View File

@@ -1,5 +1,5 @@
/* /*
* SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
* *
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
*/ */
@@ -88,8 +88,12 @@ static esp_err_t http_header_new_item(http_header_handle_t header, const char *k
STAILQ_INSERT_TAIL(header, item, next); STAILQ_INSERT_TAIL(header, item, next);
return ret; return ret;
_header_new_item_exit: _header_new_item_exit:
if (item->key) {
free(item->key); free(item->key);
}
if (item->value) {
free(item->value); free(item->value);
}
free(item); free(item);
return ret; return ret;
} }
@@ -150,7 +154,7 @@ esp_err_t http_header_delete(http_header_handle_t header, const char *key)
int http_header_set_format(http_header_handle_t header, const char *key, const char *format, ...) int http_header_set_format(http_header_handle_t header, const char *key, const char *format, ...)
{ {
va_list argptr; va_list argptr = {0};
int len = 0; int len = 0;
char *buf = NULL; char *buf = NULL;
va_start(argptr, format); va_start(argptr, format);

4
components/esp_tee/src/esp_tee.c
View File

@@ -40,7 +40,7 @@ uint32_t IRAM_ATTR esp_tee_service_call(int argc, ...)
init_mutex(); init_mutex();
uint32_t val = UINT32_MAX; uint32_t val = UINT32_MAX;
va_list ap; va_list ap = {0};
va_start(ap, argc); va_start(ap, argc);
if (xTaskGetSchedulerState() == taskSCHEDULER_RUNNING) { if (xTaskGetSchedulerState() == taskSCHEDULER_RUNNING) {
@@ -59,7 +59,7 @@ uint32_t IRAM_ATTR esp_tee_service_call(int argc, ...)
uint32_t IRAM_ATTR esp_tee_service_call_with_noniram_intr_disabled(int argc, ...) uint32_t IRAM_ATTR esp_tee_service_call_with_noniram_intr_disabled(int argc, ...)
{ {
uint32_t val = UINT32_MAX; uint32_t val = UINT32_MAX;
va_list ap; va_list ap = {0};
va_start(ap, argc); va_start(ap, argc);
/* NOTE: Disabling the scheduler and non-IRAM residing interrupts */ /* NOTE: Disabling the scheduler and non-IRAM residing interrupts */