mirror of
https://github.com/espressif/esp-idf.git
synced 2025-08-03 20:54:32 +02:00
wpa_supplicant: static analysis fixes
This commit is contained in:
Kapil Gupta
Jack
@@ -851,7 +851,7 @@ static int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1,
|
|||||||
|
|
||||||
/* HKDF-Expand(PRK, info, L) */
|
/* HKDF-Expand(PRK, info, L) */
|
||||||
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k1, hash_len);
|
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k1, hash_len);
|
||||||
os_memset(prk, 0, hash_len);
|
forced_memzero(prk, hash_len);
|
||||||
if (res < 0)
|
if (res < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
@@ -880,7 +880,7 @@ static int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2,
|
|||||||
|
|
||||||
/* HKDF-Expand(PRK, info, L) */
|
/* HKDF-Expand(PRK, info, L) */
|
||||||
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k2, hash_len);
|
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k2, hash_len);
|
||||||
os_memset(prk, 0, hash_len);
|
forced_memzero(prk, hash_len);
|
||||||
if (res < 0)
|
if (res < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
@@ -939,7 +939,7 @@ static int dpp_derive_ke(struct dpp_authentication *auth, u8 *ke,
|
|||||||
|
|
||||||
/* HKDF-Expand(PRK, info, L) */
|
/* HKDF-Expand(PRK, info, L) */
|
||||||
res = dpp_hkdf_expand(hash_len, prk, hash_len, info_ke, ke, hash_len);
|
res = dpp_hkdf_expand(hash_len, prk, hash_len, info_ke, ke, hash_len);
|
||||||
os_memset(prk, 0, hash_len);
|
forced_memzero(prk, hash_len);
|
||||||
if (res < 0)
|
if (res < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
@@ -3936,7 +3936,7 @@ static void dpp_build_legacy_cred_params(struct wpabuf *buf,
|
|||||||
wpa_snprintf_hex(psk, sizeof(psk),
|
wpa_snprintf_hex(psk, sizeof(psk),
|
||||||
conf->psk, sizeof(conf->psk));
|
conf->psk, sizeof(conf->psk));
|
||||||
json_add_string(buf, "psk_hex", psk);
|
json_add_string(buf, "psk_hex", psk);
|
||||||
os_memset(psk, 0, sizeof(psk));
|
forced_memzero(psk, sizeof(psk));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -4108,6 +4108,8 @@ skip_groups:
|
|||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
signature = os_malloc(2 * curve->prime_len);
|
signature = os_malloc(2 * curve->prime_len);
|
||||||
|
if (!signature)
|
||||||
|
goto fail;
|
||||||
if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 ||
|
if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 ||
|
||||||
dpp_bn2bin_pad(s, signature + curve->prime_len,
|
dpp_bn2bin_pad(s, signature + curve->prime_len,
|
||||||
curve->prime_len) < 0)
|
curve->prime_len) < 0)
|
||||||
@@ -5726,7 +5728,7 @@ static int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk,
|
|||||||
|
|
||||||
/* HKDF-Expand(PRK, info, L) */
|
/* HKDF-Expand(PRK, info, L) */
|
||||||
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, pmk, hash_len);
|
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, pmk, hash_len);
|
||||||
os_memset(prk, 0, hash_len);
|
forced_memzero(prk, hash_len);
|
||||||
if (res < 0)
|
if (res < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
@@ -5931,7 +5933,7 @@ dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
|
|||||||
fail:
|
fail:
|
||||||
if (ret != DPP_STATUS_OK)
|
if (ret != DPP_STATUS_OK)
|
||||||
os_memset(intro, 0, sizeof(*intro));
|
os_memset(intro, 0, sizeof(*intro));
|
||||||
os_memset(Nx, 0, sizeof(Nx));
|
forced_memzero(Nx, sizeof(Nx));
|
||||||
os_free(own_conn);
|
os_free(own_conn);
|
||||||
os_free(signed_connector);
|
os_free(signed_connector);
|
||||||
os_free(info.payload);
|
os_free(info.payload);
|
||||||
|
|||||||
@@ -147,7 +147,7 @@ static struct crypto_bignum * sae_get_rand(struct sae_data *sae)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
os_memset(val, 0, order_len);
|
forced_memzero(val, order_len);
|
||||||
return bn;
|
return bn;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -828,11 +828,11 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
|
|||||||
if (sha256_prf(keyseed, sizeof(keyseed), "SAE KCK and PMK",
|
if (sha256_prf(keyseed, sizeof(keyseed), "SAE KCK and PMK",
|
||||||
val, sae->tmp->prime_len, keys, sizeof(keys)) < 0)
|
val, sae->tmp->prime_len, keys, sizeof(keys)) < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
os_memset(keyseed, 0, sizeof(keyseed));
|
forced_memzero(keyseed, sizeof(keyseed));
|
||||||
os_memcpy(sae->tmp->kck, keys, SAE_KCK_LEN);
|
os_memcpy(sae->tmp->kck, keys, SAE_KCK_LEN);
|
||||||
os_memcpy(sae->pmk, keys + SAE_KCK_LEN, SAE_PMK_LEN);
|
os_memcpy(sae->pmk, keys + SAE_KCK_LEN, SAE_PMK_LEN);
|
||||||
os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
|
os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
|
||||||
os_memset(keys, 0, sizeof(keys));
|
forced_memzero(keys, sizeof(keys));
|
||||||
wpa_hexdump_key(MSG_DEBUG, "SAE: KCK", sae->tmp->kck, SAE_KCK_LEN);
|
wpa_hexdump_key(MSG_DEBUG, "SAE: KCK", sae->tmp->kck, SAE_KCK_LEN);
|
||||||
wpa_hexdump_key(MSG_DEBUG, "SAE: PMK", sae->pmk, SAE_PMK_LEN);
|
wpa_hexdump_key(MSG_DEBUG, "SAE: PMK", sae->pmk, SAE_PMK_LEN);
|
||||||
|
|
||||||
@@ -1179,8 +1179,6 @@ static int sae_parse_password_identifier(struct sae_data *sae,
|
|||||||
sae->tmp->pw_id);
|
sae->tmp->pw_id);
|
||||||
return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER;
|
return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER;
|
||||||
}
|
}
|
||||||
os_free(sae->tmp->pw_id);
|
|
||||||
sae->tmp->pw_id = NULL;
|
|
||||||
return WLAN_STATUS_SUCCESS; /* No Password Identifier */
|
return WLAN_STATUS_SUCCESS; /* No Password Identifier */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -419,8 +419,8 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
|||||||
WPA_PUT_BE32(cypher, work[0]);
|
WPA_PUT_BE32(cypher, work[0]);
|
||||||
WPA_PUT_BE32(cypher + 4, work[1]);
|
WPA_PUT_BE32(cypher + 4, work[1]);
|
||||||
|
|
||||||
os_memset(pkey, 0, sizeof(pkey));
|
forced_memzero(pkey, sizeof(pkey));
|
||||||
os_memset(ek, 0, sizeof(ek));
|
forced_memzero(ek, sizeof(ek));
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
@@ -1657,7 +1657,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* init our temps */
|
/* init our temps */
|
||||||
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) {
|
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -1653,7 +1653,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* init our temps */
|
/* init our temps */
|
||||||
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) {
|
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -71,6 +71,9 @@ int wps_is_selected_pbc_registrar(const struct wpabuf *msg)
|
|||||||
{
|
{
|
||||||
struct wps_parse_attr *attr = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr));
|
struct wps_parse_attr *attr = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr));
|
||||||
|
|
||||||
|
if (!attr)
|
||||||
|
return 0;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* In theory, this could also verify that attr.sel_reg_config_methods
|
* In theory, this could also verify that attr.sel_reg_config_methods
|
||||||
* includes WPS_CONFIG_PUSHBUTTON, but some deployed AP implementations
|
* includes WPS_CONFIG_PUSHBUTTON, but some deployed AP implementations
|
||||||
|
|||||||
Reference in New Issue
Block a user