mirror of
https://github.com/espressif/esp-idf.git
synced 2025-07-31 19:24:33 +02:00
wpa_supplicant: static analysis fixes
This commit is contained in:
Kapil Gupta
BOT
@@ -847,7 +847,7 @@ static int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1,
|
||||
|
||||
/* HKDF-Expand(PRK, info, L) */
|
||||
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k1, hash_len);
|
||||
os_memset(prk, 0, hash_len);
|
||||
forced_memzero(prk, hash_len);
|
||||
if (res < 0)
|
||||
return -1;
|
||||
|
||||
@@ -876,7 +876,7 @@ static int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2,
|
||||
|
||||
/* HKDF-Expand(PRK, info, L) */
|
||||
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k2, hash_len);
|
||||
os_memset(prk, 0, hash_len);
|
||||
forced_memzero(prk, hash_len);
|
||||
if (res < 0)
|
||||
return -1;
|
||||
|
||||
@@ -935,7 +935,7 @@ static int dpp_derive_ke(struct dpp_authentication *auth, u8 *ke,
|
||||
|
||||
/* HKDF-Expand(PRK, info, L) */
|
||||
res = dpp_hkdf_expand(hash_len, prk, hash_len, info_ke, ke, hash_len);
|
||||
os_memset(prk, 0, hash_len);
|
||||
forced_memzero(prk, hash_len);
|
||||
if (res < 0)
|
||||
return -1;
|
||||
|
||||
@@ -3938,7 +3938,7 @@ static void dpp_build_legacy_cred_params(struct wpabuf *buf,
|
||||
wpa_snprintf_hex(psk, sizeof(psk),
|
||||
conf->psk, sizeof(conf->psk));
|
||||
json_add_string(buf, "psk_hex", psk);
|
||||
os_memset(psk, 0, sizeof(psk));
|
||||
forced_memzero(psk, sizeof(psk));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4110,6 +4110,8 @@ skip_groups:
|
||||
goto fail;
|
||||
|
||||
signature = os_malloc(2 * curve->prime_len);
|
||||
if (!signature)
|
||||
goto fail;
|
||||
if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 ||
|
||||
dpp_bn2bin_pad(s, signature + curve->prime_len,
|
||||
curve->prime_len) < 0)
|
||||
@@ -5728,7 +5730,7 @@ static int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk,
|
||||
|
||||
/* HKDF-Expand(PRK, info, L) */
|
||||
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, pmk, hash_len);
|
||||
os_memset(prk, 0, hash_len);
|
||||
forced_memzero(prk, hash_len);
|
||||
if (res < 0)
|
||||
return -1;
|
||||
|
||||
@@ -5933,7 +5935,7 @@ dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
|
||||
fail:
|
||||
if (ret != DPP_STATUS_OK)
|
||||
os_memset(intro, 0, sizeof(*intro));
|
||||
os_memset(Nx, 0, sizeof(Nx));
|
||||
forced_memzero(Nx, sizeof(Nx));
|
||||
os_free(own_conn);
|
||||
os_free(signed_connector);
|
||||
os_free(info.payload);
|
||||
|
||||
@@ -147,7 +147,7 @@ static struct crypto_bignum * sae_get_rand(struct sae_data *sae)
|
||||
break;
|
||||
}
|
||||
|
||||
os_memset(val, 0, order_len);
|
||||
forced_memzero(val, order_len);
|
||||
return bn;
|
||||
}
|
||||
|
||||
@@ -830,11 +830,11 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
|
||||
if (sha256_prf(keyseed, sizeof(keyseed), "SAE KCK and PMK",
|
||||
val, sae->tmp->prime_len, keys, sizeof(keys)) < 0)
|
||||
goto fail;
|
||||
os_memset(keyseed, 0, sizeof(keyseed));
|
||||
forced_memzero(keyseed, sizeof(keyseed));
|
||||
os_memcpy(sae->tmp->kck, keys, SAE_KCK_LEN);
|
||||
os_memcpy(sae->pmk, keys + SAE_KCK_LEN, SAE_PMK_LEN);
|
||||
os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
|
||||
os_memset(keys, 0, sizeof(keys));
|
||||
forced_memzero(keys, sizeof(keys));
|
||||
wpa_hexdump_key(MSG_DEBUG, "SAE: KCK", sae->tmp->kck, SAE_KCK_LEN);
|
||||
wpa_hexdump_key(MSG_DEBUG, "SAE: PMK", sae->pmk, SAE_PMK_LEN);
|
||||
|
||||
@@ -1181,8 +1181,6 @@ static int sae_parse_password_identifier(struct sae_data *sae,
|
||||
sae->tmp->pw_id);
|
||||
return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER;
|
||||
}
|
||||
os_free(sae->tmp->pw_id);
|
||||
sae->tmp->pw_id = NULL;
|
||||
return WLAN_STATUS_SUCCESS; /* No Password Identifier */
|
||||
}
|
||||
|
||||
|
||||
@@ -419,8 +419,8 @@ int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||
WPA_PUT_BE32(cypher, work[0]);
|
||||
WPA_PUT_BE32(cypher + 4, work[1]);
|
||||
|
||||
os_memset(pkey, 0, sizeof(pkey));
|
||||
os_memset(ek, 0, sizeof(ek));
|
||||
forced_memzero(pkey, sizeof(pkey));
|
||||
forced_memzero(ek, sizeof(ek));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@@ -1657,7 +1657,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
||||
}
|
||||
|
||||
/* init our temps */
|
||||
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) {
|
||||
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
|
||||
return res;
|
||||
}
|
||||
|
||||
|
||||
@@ -1653,7 +1653,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
||||
}
|
||||
|
||||
/* init our temps */
|
||||
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) {
|
||||
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
|
||||
return res;
|
||||
}
|
||||
|
||||
|
||||
@@ -71,6 +71,9 @@ int wps_is_selected_pbc_registrar(const struct wpabuf *msg)
|
||||
{
|
||||
struct wps_parse_attr *attr = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr));
|
||||
|
||||
if (!attr)
|
||||
return 0;
|
||||
|
||||
/*
|
||||
* In theory, this could also verify that attr.sel_reg_config_methods
|
||||
* includes WPS_CONFIG_PUSHBUTTON, but some deployed AP implementations
|
||||
|
||||
Reference in New Issue
Block a user